[Mimedefang] help needed with mimedefang-filter
James Ralston
qralston+ml.mimedefang at andrew.cmu.edu
Mon Aug 11 23:21:01 EDT 2003
On 2003-08-11 at 23:24:30+1000 Tony Nugent <tony at linuxworks.com.au> wrote:
> On Mon Aug 11 2003 at 12:24, "Muhammad Talha" wrote:
>
> > i want what when virus found it will reject with bounce back with
> > mimedefang mail addresss subject aslo be changed as i like.
>
> No, please don't do that. It is much better to simply silently drop
> the email (and log the event).
Whether it is better to silently drop mail or to reject it is
debatable.
If you silently drop the mail, you risk discarding legitimate mail.
For example, we have had remote users send us attachments, asking if
they are viruses (and they were). If we had configured our mail
systems to silently drop viruses, these legitimate messages would have
been lost, just because they contained viruses.
> By bouncing these messages, you are simply relaying infectious email
> to the owner of the account that has been used as the forgery.
...at which point the mail system of the victim who was forged should
detect the virus in the DSN message and reject it. :)
> If the address is invalid, it will then continue to bounce around
> the net.
No, it won't; DSN messages are sent with a null reverse-path. If the
DSN message can't be delivered, it is discarded.
--
James Ralston, Information Technology
Software Engineering Institute
Carnegie Mellon University, Pittsburgh, PA, USA
More information about the MIMEDefang
mailing list