Yes, Richard... Default ON is a marketing oriented decision. I use the Amavisd on my mail gateway and it has this option:
# # Section IV - Notifications, quarantine # # Treat envelope sender address as unreliable # and don't send sender notification if name(s) # of detected virus(es) match the list. Note that # virus names are supplied by external virus scanner(s), # so the virus names may need to be adjusted. See # README.lookups for syntax. # $viruses_that_fake_sender_re = Amavis::Lookup::RE->new( qr'nimda|hybris|klez|bugbear|yaha|braid'i ); Pretty easy to avoid false-positive notifications. And, of course, you can set... $warnvirussender = 0; ...to no notifications at all. []s, MM ----- Original Message ----- From: "Richard M. Smith" <[EMAIL PROTECTED]> To: "'Fabio Gomes de Souza'" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> Sent: Thursday, August 28, 2003 10:56 AM Subject: RE: [Full-Disclosure] AV "feature" does more DDoS than Sobig When I get one of these false alarm messages about Sobig, I am complaing to both the company who sent the message and the vendor who supplies the buggy software. If an anti-virus software package knows that a particular email virus uses forged return addresses, it shouldn't ever send out a warning message about an infected email message. If it does send out a message in this situation, the message will almost surely go to the wrong person. Of course, these warning messages are also a form of spam since many of them contain ads for the anti-virus software package that finds the infected message. Richard M. Smith http://www.ComputerBytesMan.com ################################################################# ################################################################# ################################################################# ##### ##### ##### ################################################################# ################################################################# ################################################################# _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
