Re: A request to all mail admins
From: Tim Haynes (usenet-20030828_at_stirfried.vegetable.org.uk)
Date: 08/28/03
- Next message: Nico Kadel-Garcia: "Re: National Security Backdoor in telnetd - all versions."
- Previous message: Juha Siltala: "Re: National Security Backdoor in telnetd - all versions."
- In reply to: Jem Berkes: "A request to all mail admins"
- Next in thread: Jem Berkes: "Re: A request to all mail admins"
- Reply: Jem Berkes: "Re: A request to all mail admins"
- Reply: Bruno Wolff III: "Re: A request to all mail admins"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 28 Aug 2003 10:21:55 +0100
Jem Berkes <jb@users.pc9.org> writes:
> A request to mail system admins: if you have virus scanners or some sort of
> worm/attachment blocking mechanism, please configure it to NOT send notices
> back to the sender that they sent a virus.
>
> These modern windows worms all forge the sender anyway. There are people
> like me who, unfortunately, have their addresses on too many windows
> users' address books and my inbox is flooded with "you sent a virus"
> notices. The notices just add to network congestion, and these are an
> avoidable bounce.
Agreed, with a couple other thoughts:
a) if you're going to bounce a viral mail, damn' well leave the attachment
in place so I can reject it.
b) bouncing virus mails is just as stupid as replying to any other kind of
UBE - it's automation of generating replies (new mails with different
envelopes), and is similarly moronic.
c) If you reject at the SMTP stage (ie the last state message after reading
in all the DATA is `550 Bog Off') then while you are giving the real sender
a message, and you're not generating the bounce yourself, you do risk
causing bounces from clueless smarthosts. I still maintain that this is a
misconfiguration error, for which the masses of innocent victims of
backscatter should mail postmaster@[smarthost's domain] to complain.
d) It would be nice if there were more of a way to tie in checks that "is
the bounce likely to go back where it came from?" at SMTP stage; we already
have the ability to do MX lookups on the Sender/Return-Path/mail-from
domain, and to connect into those MXes to see if they accept mail for the
user from <>; it should be possible to devise an algorithm where the
closeness of IP# for the MX of the return-path-to-be-used-in-a-bounce is
measured relative to the incoming connection - that way, relayed mail can
be detected, and you can influence your do-I-bounce-this-virus? decision
accordingly as well.
~Tim
-- And it's true we are immune. |piglet@stirfried.vegetable.org.uk When fact is fiction and |http://spodzone.org.uk/ T.V. is reality, |
- Next message: Nico Kadel-Garcia: "Re: National Security Backdoor in telnetd - all versions."
- Previous message: Juha Siltala: "Re: National Security Backdoor in telnetd - all versions."
- In reply to: Jem Berkes: "A request to all mail admins"
- Next in thread: Jem Berkes: "Re: A request to all mail admins"
- Reply: Jem Berkes: "Re: A request to all mail admins"
- Reply: Bruno Wolff III: "Re: A request to all mail admins"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
