Re: Bug#207300: tmda: Challenge-response is fundamentally broken
I think challenge response needs extra care.
Anyway, current e-mail worm/virus incident is pretty bad.
On Sat, Aug 30, 2003 at 07:44:56AM -0500, John Hasler wrote:
> Brian May writes:
> > You saying that any SMTP MTA that sends bounces to unauthenticated
> > E-Mail addresses is also broken?
>
> Karsten M. Self writes:
> > At the very least, this is a small subset of the incoming mail.
>
> This is about a quarter of my incoming mail.
I filter e-mail worm/virus mail bounces by reading the attached original
mail header. Most bounces keep the good amount of original header
information.
## Worm e-mails by the header
:0
* ^X-Mailer: Microsoft
* ^X-MailScanner: Found to be clean
Xworm/
## Worm bounces by the header&body
:0 BH
* ^FROM_MAILER
* ^X-Mailer: Microsoft
* ^X-MailScanner: Found to be clean
Xworm-bounce/
I guess our e-mail server can do the similar checks.
Osamu
Reply to: