[Mimedefang] opinions on this filter?
Rich West
Rich.West at divatv.com
Thu May 16 15:19:51 EDT 2002
The only remaining problem I can see, after looking it over carefully,
is that if a virus has been found within a message, you are sending a
message back to the original sender via action_notify_sender. That in
itself is not a problem because it is a good idea.
However, many viruses spread like spam, so you cannot rely heavily on
the validity of the sender's address unless it originates within your
organization. You do have it already checking to see if the sender's
address is "<>", but that probably is not enough. Some viruses generate
email using bogus sender addresses, but not blank ones..
It might work out better to generate the message for
action_notify_sender() only if the message is originating from within
your domain.
This will also prevent MD from being the one to generate SPAM to the
poor slob who has had their email address used as the bogus sender's
address. :)
-Rich
More information about the MIMEDefang
mailing list