On Sunday, Feb 9, 2003, at 03:28 US/Pacific, Cliff Sarginson wrote:
1- Unwanted access to your SMTP Mail serverSending messages back to the sender isn't necessarily a good idea. Mailscanner, which can handle both #2 and #3 via various virus scanning engines, RBL checks, and/or Spam Assassin, has a list of viruses which it silently deletes (no message to the intended recipient nor the claimed sender) because there's just no point. Many of the Klez family, and a few others, forge the sender address and contain no useful content (as opposed to viruses which attach themselves to some useful data). So, several of the Klez variants are in Mailscanner's list to "silently delete".
2- Virus Checking
3- Spam checking
I "solve" 2 by running antivir on the mail server. This quarantines mail
containing viruses, sends a message to the intended recipient to say it
has done so and a message to the sender,
If you're not doing anything sophisticated on the virus checking side, then I wouldn't bounce any messages back to the sender. Just filter out the bad attachment and inform the recipient. Then they can make an informed decision about whether or not to inform the claimed sender. Otherwise, I'd use an engine which knows (or can be told) which viruses it should just delete without further processing.
