[Esd-l] Discouraging SECURITY_NOTIFY_SENDER

Pierre Etchemaite petchema at concept-micro.com
Tue Sep 9 03:30:13 PDT 2003


Le Tue, 9 Sep 2003 11:21:15 +0200, "Juan Maria Gil" <jmg at olinet.es> a écrit
:

> As everybody knows, nowdays
> there's hardly a virus which doesn't forge the return addresses making
> this option quite useless.

It's not, because procmail-security doesn't only catch viruses, it also
catches policy violations. I prefer senders to be warned that their
attachment (or whatever) didn't make it, rather than drop them silently.

Also, it features "smart reply", that seems quite effective for me. Most
spoofed emails don't seem to get replied, only very large ISPs email domains
sometimes don't get filtered, because the probability that the infected box
and the spoofed email use the same domain increases...

(Other than that, I agree with you, autoreply scripts triggered by worms,
and antivirus email filters that reply to mailing list addresses are very
boring... While there's no perfect solution, I just feel that
procmail-security handles the problem better than most.)

BR,
Pierre.


More information about the esd-l mailing list