Clueless anti-virus products/vendors (was Re: Sober)
Rich Kulawiec
rsk at gsp.org
Sun Dec 4 20:37:32 UTC 2005
On Sun, Dec 04, 2005 at 09:58:20AM -0500, Todd Vierling wrote:
> If it is on by default, it is a bug, and not operator error.
(In the case of the Barracuda) there are at least two such switches:
one for spam, one for viruses. Note that when both are set to "off" that
the box still occasionally emits such messages under as-yet-undetermined
circumstances. I attempted to persuade one of Barracuda's engineers,
months ago, that there was absolutely no valid reason for including a
"feature" whose only purpose was abuse redirection. Incredibly, I was
told "the customers want this feature", and that it would not be removed.
And thus we now have blacklist entries such as:
barracuda1.aus.texas.net
barracuda.yale-wrexham.ac.uk
barracuda.morro-bay.ca.us
barracuda.ci.mtnview.ca.us
barracuda.elbert.k12.ga.us
barracuda.fort-dodge.k12.ia.us
barracuda.ci.garner.nc.us
barracuda.ship.k12.pa.us
and many, many more.
Perhaps Barracuda should simply rename those switches as "spam
random individuals" and/or "get yourself blacklisted", as those
are the only two things likely to result from turning them on.
> (Virus "warnings" to forged addresses are UBE, plain and simple.)
When sent in bulk (as they inevitably are), absolutely. There's
no exception in the canonical definition of spam (which _is_ "UBE")
for "messages sent by broken anti-virus software", nor should there be.
---Rsk
More information about the NANOG
mailing list