North American Network Operators Group|
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical
Re: antivirus in smtp, good or bad?
At 08:58 AM 2/3/2004, you wrote:
Hi,Hmmm, well, we certainly kick back virus-laden stuff this way. The alternatives are:
1) kick it back during SMTP.
2) drop it on the floor.
or, the third option, which is EXCEEDINGLY BROKEN,
3) send a bounce to the From: address in the email. Because of spoofed sender addresses, this then goes to the wrong person, freaks out innocent, non-infected people and raises everyone's support costs.
Surely this is an incorrect way to do this as there will be lots of similar MXsWhy must systems accept mail that's virus laden or otherwise not desired at a site?
The "bounce" you refer to invariably ends up going to the wrong person(s), so that's an exceptionally BAD idea. Many viruses (most of the recent ones) forge the sender information. So either accepting and silently dropping, or rejecting the SMTP session with a 55x are the only viable choices.