[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: OT: Viruses on lists

Paul Johnson had the gall to say:
> "Derrick 'dman' Hudson" <dman@dman13.dyndns.org> writes:
> > Almost.  murphy generates a bounce and sends it to the list manager
> > (mailman, majordomo, ezmlm, etc. - I don't know what one murphy is
> > running).  The list manager then counts that against you in its
> > determination of which addresses are invalid and need to be removed
> > from the list.
> It takes quite a few bounces before you get removed, though.

Does anyone know a definitive figure or rate here?

> > My choice is to simply drop viruses.  I don't expect to have any legit
> > messages falsely identified as viral, and dropping the message simply
> > removes waste from the network bandwidth and disk storage of the
> > world.  I see no need to push the bounce back at someone else,
> > particularly since the offender is rarely the one punished in that
> > case.

Drop /after/ accepting?  Would that not mark you (in the virus' eyes, 
anyway) as a potential target?  What with viruses having their own 
builtin SMTP engines these days and hence knowing for sure what response 
was given to the SMTP session, is that not potentially inviting future, 
smarter viruses (with memories for this sort of thing) to hit you first?

> Which is why I reject at SMTP.  Doesn't push a bounce back to forged
> addresses.

I should have said - I've followed Paul's instructions on ursine.ca to 
set this up, and am consequently rejecting at SMTP time.

I'm unsure as to the difference between accepting a mail and bouncing 
later and rejecting at SMTP time as far as murphy is concerned.  (I'm 
fine with the general difference for normal mail.)  Can anyone venture 
an opinion?  Do both bounces (is it correct to call a 5xx reject a 
"bounce"?) count similarly negatively when working out who shouldn't be 
on the list anymore?  Should I stop asking questions (sort of like this 
one?) inside other questions?

Answers on a postcard, please ...


Reply to: