Postfix anti-antivirus (was Re: [linux-elitists] procmail recipe for mydoom?)
Tue Feb 10 19:13:43 PST 2004
On 11-Feb-2004, Jeff Waugh wrote:
> Sure, I totally agree that if every MTA rejected malware, we would be
> in a wonderful, blissful state of joy. But the reality is that they
That reality can be changed.
> and you can guarantee that matched, modern worms forge their sender
> envelope and address. So rejecting them *HAS NO PURPOSE* at all.
Non sequitur. The fact that worms come with forged sender addresses
does not render the rejection purposeless.
> There have been times in this conversation when various people have been
> confusing spam, forging worms and general virus muck.
True. The rejection hard-line I speak of is only for *known* malicious
content, that every relay MTA should be rejecting.
Spam is much more subjective (leaving aside that worms can be classified
as a sub-category of unsolicited bulk email).
> There are lots of different perspectives on all of these, but it seems
> that people who actively believe that rejecting forged mail makes
> sense are doing so more out of "eye for an eye" than any other
Nope. "eye for an eye" would have me damaging the *originators* of this
crap. Much as I want to do that too, I can't. It's unrelated to my
motivation for rejecting known-bad mail.
By rejecting known-bad mail at SMTP time, I'm saying two things:
- I don't accept this mail (and I'm telling you because RFC2821 tells
me I should), because it's known to be bad.
- You (the MTA trying to send it to me) shouldn't have accepted it
Vengeance doesn't fit there.
> "Well, it's their fault anyway, so they should clean my mess up too!"
How is it "my", i.e. the destination's, mess? I think that's at the
core of this disagreement.
\ "If you ever drop your keys into a river of molten lava, let |
`\ 'em go, because, man, they're gone." -- Jack Handey |
Ben Finney <firstname.lastname@example.org>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 197 bytes
Desc: Digital signature
Url : http://allium.zgp.org/pipermail/linux-elitists/attachments/20040211/b9f8e54d/attachment.pgp
More information about the linux-elitists