To send or not to send 'virus in email' notifications?
Tomas Daniska
tomas at tronet.com
Wed Aug 20 14:51:02 UTC 2003
maybe the AV vendors could suply a 'to mail or not to mail' flag within
their databases, based on character of the virus...
any of them lurking here? :)
--
deejay
> -----Original Message-----
> From: Matthew Kaufman [mailto:matthew at eeph.com]
> Sent: 20. augusta 2003 16:41
> To: 'Joe Maimon'; nanog at merit.edu
> Subject: RE: To send or not to send 'virus in email' notifications?
>
>
>
> Absolutely not.
>
> SoBig.F, like many others, forges the sender address. That
> means that your
> notifications:
> 1) Don't make it back to the person with the infection
> 2) Simply add more clutter to the mailbox of the person
> whose address was
> used (in addition to all the bounce messages)
>
> In the enterprise, this is a great argument for scanning
> outbound email with
> positive identification of whose outbound mail you're scanning.
>
> Matthew Kaufman
> matthew at eeph.com
>
> > -----Original Message-----
> > From: owner-nanog at merit.edu [mailto:owner-nanog at merit.edu] On
> > Behalf Of Joe Maimon
> > Sent: Wednesday, August 20, 2003 7:25 AM
> > To: nanog at merit.edu
> > Subject: To send or not to send 'virus in email' notifications?
> >
> >
> >
> > Considering the amount of email traffic generated by responding to
> > forged virus laden email from culprits like sobig should
> email virus
> > scanning systems be configured to send notifications back to
> > sender or not?
> >
> >
> >
> >
>
>
More information about the NANOG
mailing list