[Mimedefang] Re: Mimedefang 2.36 and how to drop a blocked attachment message - action_bounce?

[Jeremy Mates]

* Kenneth Porter <shiva at sewingwitch.com>
> But who is doing the relaying? If it's an ISP, then they're
> complicitly feeding viruses to the Internet. If it's an open relay,
> then bounces will signal the presence of those, and present more
> justification for closing them (for those few who think they're a
> good idea).

But what if the ISP is just a little bit behind on their anti-virus
defintions? Your system detects the malware the ISP missed, and bounces
the message. The ISP dutifully bounces the malware at the forged sender,
pointing the hostile code at another site. If the target site is also
behind on their anti-virus definitions, the malware bounce may be
delievered to a user, and could infect their system.