nanog mailing list archives

Re: Clueless anti-virus products/vendors (was Re: Sober)

From: Todd Vierling <tv () duh org>
Date: Tue, 6 Dec 2005 11:19:42 -0500 (EST)


On Mon, 5 Dec 2005, Douglas Otis wrote:

A less than elegant solution as an alternative to deleting the message, is
to hold the data phase pending the scan.


Contrary to your vision of this option, it is not only elegant; it happens
to be the *correct* thing to do.

Dropping the message on the floor is arguably stretching the bounds of
RFC2821.  If a message is going to be dropped because of a policy (such as a
worm/virus flag), you really should be rejecting after DATA with a RFC1893
5.7.x extended result code.

Another solution would be not returning message content within a DSN.


If you're still sending to a forged address, how is this not still UBE...?

-- 
-- Todd Vierling <tv () duh org> <tv () pobox com> <todd () vierling name>

Current thread:

RE: Clueless anti-virus products/vendors (was Re: Sober), (continued)
- RE: Clueless anti-virus products/vendors (was Re: Sober) Church, Chuck (Dec 04)
  - Re: Clueless anti-virus products/vendors (was Re: Sober) Geo. (Dec 04)
  - Re: Clueless anti-virus products/vendors (was Re: Sober) Christian Kuhtz (Dec 04)
  - Re: Clueless anti-virus products/vendors (was Re: Sober) Larry Smith (Dec 04)
  - Re: Clueless anti-virus products/vendors (was Re: Sober) Steven M. Bellovin (Dec 04)
    - Re: Clueless anti-virus products/vendors (was Re: Sober) Edward B. Dreger (Dec 04)
    - Re: Clueless anti-virus products/vendors (was Re: Sober) Jamie C. Pole (Dec 04)
    - Re: Clueless anti-virus products/vendors (was Re: Sober) Christopher L. Morrow (Dec 04)
    - Re: Clueless anti-virus products/vendors (was Re: Sober) Douglas Otis (Dec 05)
    - Re: Clueless anti-virus products/vendors (was Re: Sober) Valdis . Kletnieks (Dec 05)
    - Re: Clueless anti-virus products/vendors (was Re: Sober) Todd Vierling (Dec 06)
    - Re: Clueless anti-virus products/vendors (was Re: Sober) Douglas Otis (Dec 06)
    - Re: Clueless anti-virus products/vendors (was Re: Sober) Todd Vierling (Dec 06)
    - Re: Clueless anti-virus products/vendors (was Re: Sober) Douglas Otis (Dec 06)
    - Re: Clueless anti-virus products/vendors (was Re: Sober) Steven J. Sobol (Dec 07)
    - Re: Clueless anti-virus products/vendors (was Re: Sober) Micheal Patterson (Dec 07)
    - Re: Clueless anti-virus products/vendors (was Re: Sober) Michael . Dillon (Dec 08)
    - Re: Clueless anti-virus products/vendors (was Re: Sober) Douglas Otis (Dec 08)
    - Re: Clueless anti-virus products/vendors (was Re: Sober) Simon Waters (Dec 09)
    - SMTP store and forward requires DSN for integrity (was Re: Clueless anti-virus ) Douglas Otis (Dec 09)
    - RE: SMTP store and forward requires DSN for integrity (was Re:Clueless anti-virus ) Geo. (Dec 09)

(Thread continues...)