Home page logo

nanog logo nanog mailing list archives

Re: To send or not to send 'virus in email' notifications?
From: Valdis.Kletnieks () vt edu
Date: Wed, 20 Aug 2003 10:54:59 -0400

On Wed, 20 Aug 2003 10:25:28 EDT, Joe Maimon <jmaimon () ttec com>  said:
Considering the amount of email traffic generated by responding to 
forged  virus laden email from culprits like sobig should email virus 
scanning systems be configured to send notifications back to sender or not?

It isn't like the A/V vendors can't put a single bit in the description that says
"uses real address" or "uses forged address" and only send a notification when
the "real" bit is set.  However, a lot of them seem to be more interested in
pumping out PR and FUD.

Worst part is if one of them had been smart, they'd have invented such a bit,
patented it, and then shipped "New! Improved! Now with less confusing
messages", and used the patent to make sure nobody else did.  Now *that* would
be a selling point for their product, but noooo... ;)  They've missed their
chance.  Feel free to cite this e-mail as prior art if somebody tries it now...

Attachment: _bin

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]