Yeah but now a days you don't need to even open the attachment.... Windows
based MUA's are liked into the OS so deep that macro viruses just need to
be sent down and you're screwed.
Paul Farber
Farber Technology
[EMAIL PROTECTED]
Ph 570-628-5303
Fax 570-628-5545
On Mon, 13 Dec 1999, Dustin Miller wrote:
> Of course, server-based virus scanning isn't for people like you and I,
> people who scan their e-mails regularly either on their own mail server or
> on the client side, or people who automatically distrust attachments.
>
> But you and I and other members of this list are the exception to the rule,
> not the norm. As for using just the envelope addresses, I disagree
> slightly. If mail leaving my server is bound for a number of recipients,
> all of whom are listed on ONE "TO" or "CC" header, I'm going to alert all of
> them that they may have received a virus. I will not, however, send a
> message from my server to a LIST, should one of my users send a virus to the
> LIST.
>
> The more I think about it, though, the more I ask myself...
>
> Does the receipient REALLY need to know that someone tried to send them an
> infected file? If the sender gets a bounce message from MAILER-DAEMON that
> says, "I wasn't able to deliver your message; It was infected with the [blah
> blah] virus", wouldn't that be enough? What's the reasoning for informing
> the intended recipient that he was going to receive a virus, but didn't?
>
> Dustin
>
> -----Original Message-----
> From: Bruno Wolff III [mailto:[EMAIL PROTECTED]]
> Sent: Monday, December 13, 1999 4:09 PM
> To: Dustin Miller
> Cc: Russell Nelson; [EMAIL PROTECTED]
> Subject: Re: Oops, someone tried to send you a virus
>
>
> On Mon, Dec 13, 1999 at 03:58:50PM -0600,
> Dustin Miller <[EMAIL PROTECTED]> wrote:
> > The script I'm currenly working on (similar to another lister's system)
> > attempts to filter out list and group-type e-mail addresses. In the virus
> > alert the list received, the virus scanning program un a user's mail
> system
> > mistakenly assumed that the alert should've been sent to all intended
> > recipients of the message, in an attempt to notify all the possible
> > recipients that they had received a virus.
>
> Don't do this. Just use the envelope addresses. If the other people are
> worried about viruses, they will be running their own scanning software.
> They don't need your extra warning.
>
> >
> > The best solution, of course, is to run the virus program on the list
> > server's mail server, thereby preventing a mass infection of those who
> don't
> > run virus software.
>
> I disagree. This is a lot of overhead on the list server for little benefit.
> People who don't know how to safely handle their email can run virus
> scanners on their systems. The list server shouldn't have to waste cycles
> doing this.
>
> > Yes, I know, everyone should run virus software, but let's be honest: Not
> > many do.
>
> No, everyone shouldn't. People who don't know how to safely read email
> should,
> if they don't want to get burnt. Many people don't need to worry about
> the problem because we don't use Microsoft products to read email and don't
> run attached programs that are sent to us by email.
>
>
