Postfix anti-antivirus (was Re: [linux-elitists] procmail recipe for mydoom?)

Jeff Waugh jdub@perkypants.org
Tue Feb 10 18:29:40 PST 2004


<quote who="Ben Finney">

> > <quote who="Ben Finney">
> > > If so, then how are we to identify such misbehaving MTAs?
> > 
> > The "identify". It's forged
> 
> No.  The misbehaving MTA is the one that:
> 
>   - accepts the malware for delivery to a third person
>   - tries to deliver it to the destination, which rejects it
>   - sends a bounce message to the forged sender address
> 
> The first item is the misbehaviour; the latter two items allow the
> misbehaving MTA to be identified.  (The last item, sending the bounce to
> a forged sender, is the best it can do *at that point*, but the cause
> was accepting the crap in the first instance.)

Meanwhile, there's shrapnel in *everyone's* butt.

- Jeff

-- 
GVADEC 2004: Kristiansand, Norway                    http://2004.guadec.org/
 
                        We're passe with class, eh?



More information about the linux-elitists mailing list