Bugtraq mailing list archives
Re: RFC: virus handling
From: Dave Clendenan <dave () dave clendenan ca>
Date: Tue, 3 Feb 2004 09:09:05 -0800
On Wed, Jan 28, 2004 at 02:00:03PM -0800, John Fitzgibbon wrote:
There is one standardized feature for virus and other bounce messages, (which isn't mentioned in the original proposal), which I believe would really help: A bounce should *always* include a MIME attachment of type message/rfc822-headers which contains the full headers from the original mail. This makes it relatively easy to check on the receiving side if the original "Received: from" headers are valid, and simply drop bounces that relate to messages that were originally sent with forged headers.
Outstanding idea. If you (or anyone else on the list) already have a tested procmail recipe for this, please share. If not, let's make one and share it around... thanks -- Dave Clendenan dave () clendenan ca PGP fingerprint: 910E 8400 7A16 822C 9B62 209F 6CAB DEDF BF4B DF75 Subtlety is the art of saying what you think, and getting out of the way before it is understood
Current thread:
- Re: Hysterical first technical alert from US-CERT, (continued)
- Re: Hysterical first technical alert from US-CERT Philip Rowlands (Feb 05)
- Re: Hysterical first technical alert from US-CERT Andreas Marx (Feb 06)
- Re: RFC: virus handling Piotr KUCHARSKI (Feb 02)
- Re: RFC: virus handling Patrick Proniewski (Feb 02)
- Re: RFC: virus handling Matthew Dharm (Feb 03)
- Re: RFC: virus handling Ben Wheeler (Feb 04)
- Re: RFC: virus handling Shawn McMahon (Feb 07)
- Re: RFC: virus handling Matthew Dharm (Feb 03)
- Re: RFC: virus handling Craig Morrison (Feb 02)
- Re: RFC: virus handling James C. Slora Jr. (Feb 03)
- Re: RFC: virus handling John Fitzgibbon (Feb 02)
- Re: RFC: virus handling Dave Clendenan (Feb 03)
- Re: RFC: virus handling Volker Kuhlmann (Feb 04)
- Re: RFC: virus handling Dave Clendenan (Feb 03)
- Re: RFC: virus handling Daniele Orlandi (Feb 02)
- Re: RFC: virus handling Pavel Kankovsky (Feb 02)
- Re: RFC: virus handling Dave Aronson (Feb 02)
- RE: RFC: virus handling David Brodbeck (Feb 03)
- Re: RFC: virus handling Casper Dik (Feb 04)