[Mimedefang] Viruses: Bounce or Discard?

David F. Skoll dfs at roaringpenguin.com
Mon Sep 29 14:02:01 EDT 2003


On Mon, 29 Sep 2003, Jeremy Mates wrote:

> The ISP dutifully bounces the malware at the forged sender,

I used to advocate bouncing viruses, but now I've crossed over to
the "discard" viewpoint.

However, my absolutely preferred way to handle viruses would be:

1) Do a WHOIS lookup on the sending relay's IP address

2) Send a complaint to the contact point for the netblock containing the
relay.  (Unfortunately, doing this properly is difficult and time-consuming.)

This would p*ss off ISP's, which would cause them to get tough with
users who propagate viruses.  I believe that ISP's should write into
their terms of service that users will be liable for 10 cents for each
and every virus transmission from their machine.  This isn't
censorship; it's merely charging different rates for different
"classes" of e-mail.  It also pushes the true cost of viruses onto
those responsible (people who run M$ software in spite of warnings
from the likes of Dan Geer and Bruce Schneier.)

--
David.



More information about the MIMEDefang mailing list