I attest to Amavis on this one. Message headers, virus found, and also if
you quarentine the message it sends the quarentined file name.
Gerardo
Joe Maimon writes:
Patrick Muldoon wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Thursday 21 August 2003 12:08 am, David Schwartz
Patrick Muldoon wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Thursday 21 August 2003 12:08 am, David Schwartz wrote:
One of my pet peeves is anti-virus programs that detect a virus by name,
so they should know that it always spoofs the sender address, still sending
messages
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Thursday 21 August 2003 12:08 am, David Schwartz wrote:
> One of my pet peeves is anti-virus programs that detect a virus by name,
> so they should know that it always spoofs the sender address, still sending
> messages referring to the "mess
> For virus scanners that run at other stages in the delivery process,
> the right decision about whether to do a notification or not
> is virus-dependent, if your anti-virus package supports it.
> Sobig almost always forges sender addresses, so it shouldn't get a
> reply,
> but some other viruse
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
The right answer for the original question is probably
"Buy an email server package with virus scanning hooks" or
"Get a virus scanner with sendmail milter hooks"
rather than specific details of how to set it...
The suggestion to do virus filtering
EMAIL PROTECTED]
Sent: Wednesday, August 20, 2003 12:37 PM
To: [EMAIL PROTECTED]
Subject: Re: To send or not to send 'virus in email' notifications?
Notifications from virus scanners is backscatter, just the same as the
backscatter generated by Smurf attacks. The virus scanners a
on 8/20/2003 9:25 AM Joe Maimon wrote:
> Considering the amount of email traffic generated by responding to
> forged virus laden email from culprits like sobig should email virus
> scanning systems be configured to send notifications back to sender or not?
The least-harmful yet still-complia
FWIW
In a message written on Wed, Aug 20, 2003 at 10:04:05AM -0700, Steve Thomas wrote:
> From: Steve Thomas <[EMAIL PROTECTED]>
> To: Leo Bicknell <[EMAIL PROTECTED]>
> Subject: Re: To send or not to send 'virus in email' notifications?
[other headers editied
Joe Maimon
Cc: [EMAIL PROTECTED]
Subject: RE: To send or not to send 'virus in email' notifications?
At 10:30:43 my systems rebooted after installing hotfix "Windows 2000 Hotfix
KB823980 was installed" and machines rebooted. Any ideas on how to remove
this or what it may
perts
> http://www.globalknowledge.com
>
>
>
> -Original Message-
> From: Stephen J. Wilcox [mailto:[EMAIL PROTECTED]
> Sent: Wednesday, August 20, 2003 10:33 AM
> To: Joe Maimon
> Cc: [EMAIL PROTECTED]
> Subject: Re: To send or not to send &
ox [mailto:[EMAIL PROTECTED]
Sent: Wednesday, August 20, 2003 10:33 AM
To: Joe Maimon
Cc: [EMAIL PROTECTED]
Subject: Re: To send or not to send 'virus in email' notifications?
On Wed, 20 Aug 2003, Joe Maimon wrote:
>
> Considering the amount of email traffic generated by responding
In a message written on Wed, Aug 20, 2003 at 11:40:53AM -0400, D'Arcy J.M. Cain wrote:
> Absolutely not. My spam filters are handling the original spam fine but I am
> getting tons of responses to email I didn't send in the first place. It's
> legitimate email from legitimate sources so the fil
Notifications from virus scanners is backscatter, just the same as the
backscatter generated by Smurf attacks. The virus scanners are contributory
technology in the conduct of a denial of service attack in exactly the same
way as having directed broadcasts enabled on your routers was (read RFC
virus laden email from culprits like sobig should email virus
scanning systems be configured to send notifications back to sender or >not?
Virus notification was great in times past. With forged addresses, now the
double edged sword is pointed back at the victim system, since some of the
noti
Joe Maimon wrote:
Considering the amount of email traffic generated by responding to
forged virus laden email from culprits like sobig should email virus
scanning systems be configured to send notifications back to sender or
not?
I guess we can summarise and say that:
(intelligent virus sca
On Wednesday 20 August 2003 10:25, Joe Maimon wrote:
> Considering the amount of email traffic generated by responding to
> forged virus laden email from culprits like sobig should email virus
> scanning systems be configured to send notifications back to sender or not?
Absolutely not. My spam
> > Considering the amount of email traffic generated by responding to
> > forged virus laden email from culprits like sobig should email virus
> > scanning systems be configured to send notifications back to
> > sender or not?
If your scanner doesn't know if a virus forges addresses, and hen
Thus spake Tomas Daniska ([EMAIL PROTECTED]) [20/08/03 10:56]:
> maybe the AV vendors could suply a 'to mail or not to mail' flag within
> their databases, based on character of the virus...
amavisd-new maintains a list of viruses that are known to forge sender
addresses. It won't notify the sen
On Wed, 20 Aug 2003 10:25:28 EDT, Joe Maimon <[EMAIL PROTECTED]> said:
> Considering the amount of email traffic generated by responding to
> forged virus laden email from culprits like sobig should email virus
> scanning systems be configured to send notifications back to sender or not?
It is
03 16:41
> To: 'Joe Maimon'; [EMAIL PROTECTED]
> Subject: RE: To send or not to send 'virus in email' notifications?
>
>
>
> Absolutely not.
>
> SoBig.F, like many others, forges the sender address. That
> means that your
> notifications:
> 1) Do
s [mailto:[EMAIL PROTECTED]
Sent: Wednesday, August 20, 2003 10:30 AM
To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
Subject: Re: To send or not to send 'virus in email' notifications?
> Date: Wed, 20 Aug 2003 10:25:28 -0400
> From: Joe Maimon <[EMAIL PROTECTED]>
> To: [EMAIL PROTECT
Absolutely not.
SoBig.F, like many others, forges the sender address. That means that your
notifications:
1) Don't make it back to the person with the infection
2) Simply add more clutter to the mailbox of the person whose address was
used (in addition to all the bounce messages)
In the ente
EMAIL PROTECTED]; [EMAIL PROTECTED]
Subject: Re: To send or not to send 'virus in email' notifications?
> Date: Wed, 20 Aug 2003 10:25:28 -0400
> From: Joe Maimon <[EMAIL PROTECTED]>
> To: [EMAIL PROTECTED]
> Subject: To send or not to send 'virus in email' n
> Considering the amount of email traffic generated by responding to
> forged virus laden email from culprits like sobig should email virus
> scanning systems be configured to send notifications back to
> sender or not?
IMO: No. I have had around 200 of these alerts this morning alone,
most
On Wed, 20 Aug 2003, Joe Maimon wrote:
>
> Considering the amount of email traffic generated by responding to
> forged virus laden email from culprits like sobig should email virus
> scanning systems be configured to send notifications back to sender or not?
well if you dont tell them they
> Considering the amount of email traffic generated by responding to
> forged virus laden email from culprits like sobig should email virus
> scanning systems be configured to send notifications back to sender or
not?
Considering that the "From" is almost always not the right one, I think
sendin
> Date: Wed, 20 Aug 2003 10:25:28 -0400
> From: Joe Maimon <[EMAIL PROTECTED]>
> To: [EMAIL PROTECTED]
> Subject: To send or not to send 'virus in email' notifications?
>
>
> Considering the amount of email traffic generated by responding to
> forged virus laden email from culprits like sobig
27 matches
Mail list logo