Clueless anti-virus products/vendors (was Re: Sober)
Todd Vierling
tv at duh.org
Tue Dec 6 16:19:42 UTC 2005
On Mon, 5 Dec 2005, Douglas Otis wrote:
> A less than elegant solution as an alternative to deleting the message, is
> to hold the data phase pending the scan.
Contrary to your vision of this option, it is not only elegant; it happens
to be the *correct* thing to do.
Dropping the message on the floor is arguably stretching the bounds of
RFC2821. If a message is going to be dropped because of a policy (such as a
worm/virus flag), you really should be rejecting after DATA with a RFC1893
5.7.x extended result code.
> Another solution would be not returning message content within a DSN.
If you're still sending to a forged address, how is this not still UBE...?
--
-- Todd Vierling <tv at duh.org> <tv at pobox.com> <todd at vierling.name>
More information about the NANOG
mailing list