nanog mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Clueless anti-virus products/vendors (was Re: Sober)

From: Rich Kulawiec <rsk () gsp org>
Date: Sun, 4 Dec 2005 15:37:32 -0500

On Sun, Dec 04, 2005 at 09:58:20AM -0500, Todd Vierling wrote:

If it is on by default, it is a bug, and not operator error.


(In the case of the Barracuda) there are at least two such switches:
one for spam, one for viruses.  Note that when both are set to "off" that
the box still occasionally emits such messages under as-yet-undetermined
circumstances.  I attempted to persuade one of Barracuda's engineers,
months ago, that there was absolutely no valid reason for including a
"feature" whose only purpose was abuse redirection.  Incredibly, I was
told "the customers want this feature", and that it would not be removed.

And thus we now have blacklist entries such as:

        barracuda1.aus.texas.net
        barracuda.yale-wrexham.ac.uk
        barracuda.morro-bay.ca.us
        barracuda.ci.mtnview.ca.us
        barracuda.elbert.k12.ga.us
        barracuda.fort-dodge.k12.ia.us
        barracuda.ci.garner.nc.us
        barracuda.ship.k12.pa.us

and many, many more.

Perhaps Barracuda should simply rename those switches as "spam
random individuals" and/or "get yourself blacklisted", as those
are the only two things likely to result from turning them on.


(Virus "warnings" to forged addresses are UBE, plain and simple.)


When sent in bulk (as they inevitably are), absolutely.  There's
no exception in the canonical definition of spam (which _is_ "UBE")
for "messages sent by broken anti-virus software", nor should there be.

---Rsk
Previous By Date Next
Previous By Thread Next

Current thread: