[Mimedefang] Re: Mimedefang 2.36 and how to drop a blocked attachment message - action_bounce?

Kelson Vibber kelson at speed.net
Mon Sep 29 14:30:01 EDT 2003


At 10:39 AM 9/29/2003, Jeremy Mates wrote:
>If the target site is also
>behind on their anti-virus definitions, the malware bounce may be
>delievered to a user, and could infect their system.

Of course, the address being forged comes from the same source used to get 
your address:  The previous victim's address book, web cache, documents, 
etc.  Chances are the person who gets the bounce has already received, or 
will soon receive, a copy of the virus sent to them directly, from the same 
infected machine that tried to send it to you.

So it's not likely to increase their chance of infection much; they've 
already been targeted.  It will, however, increase the annoyance factor and 
possibly cause false alarms, and that is worth avoiding.


Kelson Vibber
SpeedGate Communications <www.speed.net> 





More information about the MIMEDefang mailing list