North American Network Operators Group|
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical
Clueless anti-virus products/vendors (was Re: Sober)
At 03:12 PM 12/2/2005, Michael Loftis wrote:
--On December 2, 2005 2:02:15 PM -0600 Dennis Dayman <email@example.com> wrote:Only stuff we're seeing is a lot of blowback from dumb mail systems that accept email, THEN scan for viruses, and ultimately decide to send a note back to the From: address in the body of the infected email. Since the From: is invariably forged, the uninvolved owner of those forged email addresses gets hammered.
Can people building virus scanning devices PLEASE GET A %^&*^ CLUE? This means you, Barricuda Networks, more than anyone else, but we also see this annoyance from Symantec devices, and from some AOL systems as well.
Blasting a note back does two things:
1. It allows the worm or virus author an opportunity to implement an amplified attack on a third party using your filtering systems.
2. The bounce messages mostly include an advertisement for the filtering box's vendor. Get a clue... this is a REALLY negative advertisement for your spam & virus filtering technology. If you can't manage to realize the virus laden email should perhaps be dropped, then it makes your box look poorly designed.
Oh, and please delete the infected file rather than sending that along too.
OK, off my soapbox.