David A. Cafaro said the following on 4/10/04 10:09 AM:
Unfortunately using REJECT on these emails because they have viruses
will still cause a deluge of useless email info to victim parties. They
may not be getting a warning that so and so email contains a virus,
instead they will get an email saying so and so email was rejected (an
email they never sent). Again, just a lot of lost bandwidth and
confused users wondering why they are getting messages about emails they
never sent (I know this first hand by explaining often to users what has
happened, that it isn't them, and to ignore it, over and over..). If
there is the ability to identify the virus emails and just dump them to
/dev/null, that is the best solution. Maybe you could try tracing down
the relaying server and alert them?
Rejecting with the appropriate mail code will not cause any bounces if
the e-mail is being sent by the viruses own engine. If it comes from
a regular mail server, then that mail server is misconfigured and shouldn't
be accepting virus e-mail anyway. If the mail admin is looking at his
logs, s/he will see the rejects and hopefully notice that their server
is misconfigred. The mail server doing the rejecting isn't sending any
e-mails, it's just saying it won't accept the e-mail. Silently discarding
the e-mail, besides being in violation of the SMTP spec, isn't a good
solution because in case it is a valid message, there's no way for the
sender or the recepient to realize that it was dropped. That is unacceptable,
especially if it's an ISP doing the dropping.
Cheers,
Tanner
--
Tanner Lovelace | Don't move! Or I'll fill ya full of... little
[EMAIL PROTECTED] | yellow bolts of light! - Commander John Crichton
--
TriLUG mailing list : http://www.trilug.org/mailman/listinfo/trilug
TriLUG Organizational FAQ : http://trilug.org/faq/
TriLUG Member Services FAQ : http://members.trilug.org/services_faq/
TriLUG PGP Keyring : http://trilug.org/~chrish/trilug.asc
