On Tue, 10 May 2005 02:32:41 BST, James Tucker said:
Surely this kind of message is a really bad idea.
You know it, I know it, and the A/V vendors know it.
What is the possible true business value of such a filter?
The true business value is for the A/V vendor, who can blat out a
free spam to the forged MAIL FROM: address (which is probably scraped off
a disk by the worm/virus and therefor likely an actual address.
In this case, the bozos at GWAVA can spam you about finding something they
didn't consider acceptable.
What is the potential impact upon security to disclose the information
that this mail does?
It demonstrates that the site running it is lame enough to still be running
A/V software that spams people.
What is the cost of deployment of this system against the costs
related to it's potential, and actual effects?
The GWAVA people don't care. They've been paid for the product already, and
they're not the ones paying for the bandwidth.
Remember - you're talking here about a market segment *founded* on the business
model that *partially* patching some other vendor's broken software will lead
to a permanent gravy train. Once you've wrapped your brain around the morals
and ethics of that business model, it's obviously a very tiny step to spamming
other people about the wonders of the product.