[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: MS mail bombs

Jacob Anawalt [jacob@cachevalley.com] wrote:
> I guess that's as effective for reducing the bulk of your inbox as sending
> "550 executables not accepted", especially if you don't have control over
> the mail server and you match this virus with 100% accuracy.
> Either way, /dev/null or 550 after DATA crlf.crlf you've recieved the
> whole message.

"550 executables not accepted" would obviously be a superior solution.
How do you do it?  My google searches and list archive searches turned
up nothing...

> The 550 would inform the sender of a non-automated message that your
> server didn't accept delivery based on content. This of course means you
> are scanning for bad content during the SMTP delivery session. I think it
> is a bad idea to post-delivery 'bounce' an email or to forward an email to
> the recipient if you found a virus in it. The 'sender' and 'reciever' in
> the From: and To: headers are almost definatly forged.


Bob McElrath [Univ. of California at Davis, Department of Physics]

    "Knowledge will forever govern ignorance, and a people who mean to
    be their own governors, must arm themselves with the power knowledge
    gives. A popular government without popular information or the means
    of acquiring it, is but a prologue to a farce or a tragedy or
    perhaps both."
        - James Madison

Attachment: signature.asc
Description: Digital signature

Reply to: