Home page logo
/

nanog logo nanog mailing list archives

RE: To send or not to send 'virus in email' notifications?
From: "Matthew Kaufman" <matthew () eeph com>
Date: Wed, 20 Aug 2003 07:41:16 -0700


Absolutely not.

SoBig.F, like many others, forges the sender address. That means that your
notifications:
  1) Don't make it back to the person with the infection
  2) Simply add more clutter to the mailbox of the person whose address was
used (in addition to all the bounce messages)

In the enterprise, this is a great argument for scanning outbound email with
positive identification of whose outbound mail you're scanning.

Matthew Kaufman
matthew () eeph com 

-----Original Message-----
From: owner-nanog () merit edu [mailto:owner-nanog () merit edu] On 
Behalf Of Joe Maimon
Sent: Wednesday, August 20, 2003 7:25 AM
To: nanog () merit edu
Subject: To send or not to send 'virus in email' notifications?



Considering the amount of email traffic generated by responding to 
forged  virus laden email from culprits like sobig should email virus 
scanning systems be configured to send notifications back to 
sender or not?






  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault