Brett Dikeman wrote: > > At 3:15 PM -0500 4/29/02, Mate Wierdl wrote: > >Lately, I received emails such as > > > >"I received a lot viruses from the lyx users list, and now my > >windows partition is ruined." > > > >I am truly sorry to hear this, but: > > > >--- The virus _never_ originates from my server > > What follows is my personal opinion; [...] > > Technically it did come from your server, because you don't implement > any kind of virus protection or attachment blocking; I have emailed > viruses with the headers to prove they came through your box. > Blaming the list seems strange to me - given how email works:
compromised machine->smtp server->...->lyx list->smtp server->...->the machine you gets your mail off. protection may be applied on any of these machines, the lyx list isn't "special". I blame whoever sent the virus - i.e. the creator or the machine that fell for it. Not the smtp servers just passing the email on, this includes the lyx list. You seem to want to blame the nearest machine instead of the first one when you gets bad mail - you should then blame the machine you get your mail off. This is either your ISP email server or your company/department email server. The list is one of usually several "middle men" either way. > At this point, we need action, not finger pointing and "It's not my > problem." It IS your problem. YOUR list is getting used to send > viruses to YOUR list members. It is exactly your attitude that makes > this whole problem even worse; yeah, it's not our platform, yeah, > people should run antivirus software...but you're in denial if you > think ignoring it is going to solve anything. > It solves things nicely for him, for his linux machine aren't troubled by those viruses. Neither is mine. Complain to the virus creator or the owner of the cracked machine. Or use protection yourself - or sign up with one of those ISP's that filter for you. > It's equivalent to paramedics saying, "well, guns shouldn't be > made, bad people shouldn't have guns, and besides, since lots of > people DO have guns anyway, others should be wearing bulletproof > vests if they want to go around in public. So, don't call us if > someone gets shot, it's not our problem...it's the fault of the guy > who got shot because he wasn't wearing a vest." Interesting, but what is your position? Claiming that the list owner should protect _you_ is like saying "anyone providing a _street_ (where armed baddies might appear) should provide armor for everybody? > You've got three choices, given that Windows users are here to stay > and there are plenty of Windows users who don't run antivirus > software, who use Outlook(some don't have a choice, so don't get high > and mighty on 'em), etc. > The existence of ignorant windows users isn't the list maintainers fault. and the list maintainer isn't in a very special position either - there are usually smtp servers on both sides. Those windows users who "don't have a choice" don't because their company is responsible for the internal computer infrastructure. It is then the _company's_ responsibility to filter email before it gets to the fragile machines they insist on using. Not having antivirus on every desktop is cheaper and therefore a good idea _if_ viruses are stopped before they get that far. If they aren't they've got bigger problems than viruses via the lyx list. > -dump all attachments before they go to the list management [...] > -run antivirus software. amavis is one package, but it acts only as [...] > -give the list to someone who will handle the issue instead of > pointing fingers and dismissing the issue. Or recognize that this _isn't_ a list problem. 1. These people will get viruses anyway. 2. Quite a few of us don't need protection. (we already have, or we run invulnerable systems.) 3. "There exists ignorant windows users" simply isn't an excuse to pester the rest of the world with their unusal little problems. would you, as a windows user, install extra software in order to help problems only users of other systems get? Don't think so! So don't demand this service of others! Home windows users who don't want the hassle of protecting themselves can sign up with one of those nice virus-protected & firewalled ISPs. Company windows users should expect the company to provide safe email, or treat the company email as dangerous and untrustworthy. Helge Hafting
