On Thu, 30 Jun 2005, Matthew Schumacher <[EMAIL PROTECTED]> wrote:
There is another case where rejecting is better that hasn't been bought up yet (or at least I didn't read it) password protected zip archives. On our mail system we call these viruses simply because they almost always are, but if we where silently dropping them then that would be a problem.
Many viruses use their own SMTP engines, which just keep pumping the sludge, no matter how many 5xx errors you throw at them, and they do not display the mail server rejection messages to the local user. We deal with this issue by running a script against our mail server logs twice daily to identify systems in our net blocks which have submitted virus carrier messages to our SMTP servers. -- Paul Russell Senior Systems Administrator OIT Messaging Services Team University of Notre Dame _______________________________________________ Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list [email protected] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
