On Mon, Aug 25, 2003 at 11:29:10PM +0200, Buchan Milne wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Guillaume Rousse wrote: > > >>And the MTA should not snd any messages back when this is done, as the > >>sender most likely is not the real sender. > > > > the REJECT directive here just send the mail back to the real sender > during > > the STMP transaction, which is the virus here. > > Only when the client is sobig.f itself, if the client is another SMTP > server's client daemon, the user listed in "From" will get a message > from the client daemon :-(.
Yes, I just got 500 emails today with the sobits.f virus, on a normal client system, just for me, and then another 500 messages for me telling me that I have sent viruses to them, or email lists that I administer have sent email viruses to them. And I have to investigate much of this because I am moderating a number of lists and furthermore I pretend to be on holidays... :-( I would like if I could at least prevent the stupid messages that I have sent viruses, when this is forged. And I am not the only one in this mess. It is frontpage news on every newspaper here in Denmark. They say that about 1 out of 3 emails are sobit.f on a number of big installations here. Wuld be nice if my POP3 connection could filter it away. Would also improve my bandwidth. So I am mostly looking for a solution for POP3 kind of users - then novice users that Mandrake usually make their defaults for. How can I filter it for POP3 (I use it via fetchmail)? keld
