nanog mailing list archives

Re: Weird email messages with "re:movie" and "re:application" in the subject line..

From: "Steven M. Bellovin" <smb () research att com>
Date: Thu, 26 Jun 2003 14:32:51 -0400


In message <2147483647.1056635153@[192.168.1.102]>, John Payne writes:



--On Wednesday, June 25, 2003 23:37 -0400 "Steven M. Bellovin" 
<smb () research att com> wrote:

And I've gotten bounces from mail allegedly from me.  It's not L3's
fault; this particular worm forges From: lines on its email.


fault is debatable.  Because forgeries are now so common, particularly in 
worms, why would you send these notifications to anyone other than the 
recipient?  Let the human decide if the right thing to do is notify the 
sender.

Personally, I blame the anti-virus companies who market the software.  
They know which viruses forge From: lines; why should their "alert the 
poor infected fool" software send notes to folks whose addresses are 
being spoofed?


                --Steve Bellovin, http://www.research.att.com/~smb (me)
                http://www.wilyhacker.com (2nd edition of "Firewalls" book)

Current thread:

RE: Weird email messages with "re:movie" and "re:application" in the subject line.. Williamson, Todd (Jun 25)
- <Possible follow-ups>
- Re: Weird email messages with "re:movie" and "re:application" in the subject line.. Steven M. Bellovin (Jun 25)
  - Re: Weird email messages with "re:movie" and "re:application" in the subject line.. John Payne (Jun 26)
- Re: Weird email messages with "re:movie" and "re:application" in the subject line.. Steven M. Bellovin (Jun 26)
  - Re: Weird email messages with "re:movie" and "re:application" in the subject line.. Eric Brunner-Williams in Portland Maine (Jun 26)