On 9/2/2003 16:34, "Will Yardley" <[EMAIL PROTECTED]> wrote:
> However, I think it's a good > overall policy to reject any message that's not delivered - with any > sort of filter based on content, you're running a risk of rejecting > legitimate messages, so it's important that the sender realize the > message wasn't delivered. It's arguably a decent overall policy, but it fails in the case of Sobig-F which ordinarily forges the sender. Bouncing Sobig amounts to an attack on an innocent party...particularly if more than a smallish part of the incoming message is included. Other worms munge the envelope sender [SMTP MAIL FROM: command] (for example by incrementing or decrementing the second character of the envelope sender local part [Magistr, at least some of the Magistr versions] but leave the From: "real"); others munge "From:" but leave the envelope sender real. So unless you want to build a table of viruses and worms and the right way to bounce or not bounce, and maintain it for new inventions, it's become kinder not to bounce, but to drop on the floor. Likewise, sending a notice to [EMAIL PROTECTED] doesn't accomplish anything either (those messages get tossed unread). "Reliable mail delivery" has suffered blows from both the Spammers and the worm/virus crowd, and doesn't exist any more. It will be nice to retire and give up all my email accounts. --John the Pessimist ------------------------------------------------------ Mailman-Users mailing list [EMAIL PROTECTED] http://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://www.python.org/cgi-bin/faqw-mm.py Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ This message was sent to: [EMAIL PROTECTED] Unsubscribe or change your options at http://mail.python.org/mailman/options/mailman-users/archive%40jab.org
