From: Matthew Kaufman [mailto:matthew () eeph com]
Sent: 20. augusta 2003 16:41
To: 'Joe Maimon'; nanog () merit edu
Subject: RE: To send or not to send 'virus in email' notifications?
SoBig.F, like many others, forges the sender address. That
means that your
1) Don't make it back to the person with the infection
2) Simply add more clutter to the mailbox of the person
whose address was
used (in addition to all the bounce messages)
In the enterprise, this is a great argument for scanning
outbound email with
positive identification of whose outbound mail you're scanning.
matthew () eeph com
From: owner-nanog () merit edu [mailto:owner-nanog () merit edu] On
Behalf Of Joe Maimon
Sent: Wednesday, August 20, 2003 7:25 AM
To: nanog () merit edu
Subject: To send or not to send 'virus in email' notifications?
Considering the amount of email traffic generated by responding to
forged virus laden email from culprits like sobig should
scanning systems be configured to send notifications back to
sender or not?