On Fri, May 14, 2004 at 08:24:54AM -0500, Dallas L. Engelken wrote:
I specifically said 're-attach'. I did not say 'append in plain text'.
I'd love to see an end user get base64 into an executable to infect
themselves from an appended bounce message.
...
Nothing I work with seems to
Just curious which smtp clients re-attach the original message and
send it back to the return-path?? Whoever does this should
be shot!
I don't
Err - Qmail for starters? Sendmail? Postfix? Exchange? All
mail servers default to bouncing the ENTIRE message back to
sender - most
But no-one has explained why it is better than the current system!
Instead of giving a SMTP error, you get a personally written,
virus-specific
report send to your address.
If the virus was generated by a trojan, neither option would
cause the user
to be notified.
If this was a
On Thu, May 13, 2004 at 03:07:40PM +1000, Adam Goryachev wrote:
There are some dis-advantages that should be considered, which don't
seem to have been noticed yet. Namely, *IF* a worm sent it's message
using the configured SMTP relay, and the SMTP relay forwarded the
message to a system
On Thu, May 13, 2004 at 05:14:21PM -0500, Dallas L. Engelken wrote:
Seriously, my current take on this is that the currrent
system never sends viruses, and this fix will [effectively]
cause Q-S to generate viruses
Why does that scare me?
Just curious which smtp clients
On Fri, 2004-05-14 at 07:58, Jason Haar wrote:
On Thu, May 13, 2004 at 03:07:40PM +1000, Adam Goryachev wrote:
There are some dis-advantages that should be considered, which don't
seem to have been noticed yet. Namely, *IF* a worm sent it's message
using the configured SMTP relay, and the
On Fri, May 14, 2004 at 12:00:02PM +1000, Adam Goryachev wrote:
b) Hopefully if the mailserver bounced the email, it didn't allow the
original attachment to be included such that the receiver's mail program
can access it. ie, you always get at least a section of the original
Well most MTAs
On Thu, 2004-05-13 at 14:58, Jason Haar wrote:
On Thu, May 13, 2004 at 03:07:40PM +1000, Adam Goryachev wrote:
There are some dis-advantages that should be considered, which don't
seem to have been noticed yet. Namely, *IF* a worm sent it's message
using the configured SMTP relay, and the
1. I am an infected Windows PC. I use SMTP to send the virus to my
default SMTP gateway, it rejects the message (due to virus)
at the SMTP
layer. The virus doesn't report that SMTP error to the end user - so
they are unaware they are infected.
How many viruses send mail via the SMTP
Well, I understand what you are proposing. I have tried this way my
self and after the tests I leave it...
Look at the post Jason has sent after our posts of yesterday. In my
opinion, actually, it is not a good practice to notify the sender,
because almost all the sender (except some
Sending a 5xx error only makes sense if a message is
quarantined due to policy reasons (by perl_scanner) since
that is usually where you have false positives. Otherwise
99.9% of messages that have detectable viruses have fake
senders and therefore it would be meaningless to send a
On Wed, May 12, 2004 at 08:08:04AM -0500, Dallas L. Engelken wrote:
Nobody will bitch at you for handing a 550 to a virus infected email...
I guarantee it!
But no-one has explained why it is better than the current system!
Instead of giving a SMTP error, you get a personally written,
On Wed, May 12, 2004 at 08:08:04AM -0500, Dallas L. Engelken wrote:
Nobody will bitch at you for handing a 550 to a virus infected
email... I guarantee it!
But no-one has explained why it is better than the current system!
First of all, this is not a debate...
Jesse was making a
if ($REJECT_VIRUS $quarantine_event $destring =~
m/^virus/) {
error_condition(Virus detected, send SMTP error
code...,33);
}
if ($REJECT_SPAM $spam_event) {
error_condition(Spam detected, send SMTP error
code...,32);
}
I'm eager to
14 matches
Mail list logo
