Postfix anti-antivirus (was Re: [linux-elitists] procmail recipe for mydoom?)
Karsten M. Self
Tue Feb 10 15:06:12 PST 2004
on Tue, Feb 10, 2004 at 02:36:05PM +0000, Phil Mayers (firstname.lastname@example.org) wrote:
> On Tue, Feb 10, 2004 at 06:20:52PM +1100, Martin Pool wrote:
> > On 4 Feb 2004, "Karsten M. Self" <email@example.com> wrote:
> > > > It does add to the problem. Forged-sender worm hits your server, you
> > > > reject it, thus kicking the client MTA into sending a bounce.
> > >
> > > No.
> > >
> > > Your 55x reject causes:
> > >
> > > - A virus with a minimal SMTP server to not give a whit.
> > >
> > > - A smarthosted SMTP server to reject the mail to the sending client.
> > > Which it, unlike you, can identify.
> > Wow, really? You have a smarthost so smart that when a client
> > connects to it and forges envelopes and headers, the smarthost can
> > still work out the right address to send the bounce? I'd like to see
> > that. That is a hell of a smart host to work out the right address
> > from thin air.
> Not especially:
> 220 foo.bar.com ESMTP Exim 4.20 Tue, 10 Feb 2004 14:11:32 +0000
> MAIL FROM:firstname.lastname@example.org
> 250 <email@example.com> is syntactically correct
> RCPT TO:firstname.lastname@example.org
> 250 <email@example.com> verified
> 354 Enter message, ending with "." on a line by itself
> Subject: Hey, open the attachment idiot, violate your AUP!
> Content-Type: multipart/death
> <virus content>
> <short pause>
> 550 I'm not taking that, it's riddled...
Karsten M. Self <firstname.lastname@example.org> http://kmself.home.netcom.com/
What Part of "Gestalt" don't you understand?
Windows Refund Day II: fight for your right to refund
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 189 bytes
Desc: Digital signature
Url : http://allium.zgp.org/pipermail/linux-elitists/attachments/20040210/7f3b9bed/attachment.pgp
More information about the linux-elitists