[Mimedefang] Viruses: Bounce or Discard?
David F. Skoll
dfs at roaringpenguin.com
Mon Sep 29 15:32:00 EDT 2003
On Mon, 29 Sep 2003, Les Mikesell wrote:
> Is there a handy way to tell if you are connected directly to
> the originating machine. This should be the case if no one
> else has inserted a 'Received:' header. If no other relay is
> involved, an smtp reject is clearly the right thing to do.
If no-one else has inserted a Received: header, then either you're
directly connected to the sender, or you're connected to a lame organization
that removes Received: headers in the name of "security".
If there *is* a Received header, then either you're not directly
connected to the sender, or the sender is putting in fake Received: headers.
Nice choices. :-)
> As a software vendor yourself, do you really think that end users
> should be responsible for things the software might do without
> their knowledge?
Yes and no. People who *knowingly* use insecure software, even after
being warned repeatedly about it, bear some responsibility.
Of course, the three most-responsible are the virus author, the software
vendor, and the software user, in that order.
By making it more expensive for users of insecure software to keep
using it, we increase the likelihood that they'll get upset and demand
compensation from the vendor. By absorbing the cost of insecure
software ourselves, we're giving the vendor a free ride.
> All they did was pay for it...
Once again, if the ISP states up-front in its terms of service that
owners of machines distributing viruses will be liable for 10 cents/virus,
then owners of virus-sending machines have no excuse.
Regards,
David.
More information about the MIMEDefang
mailing list