Re: OT: Viruses on lists
-----BEGIN PGP SIGNED MESSAGE-----
Jonathan Matthews <firstname.lastname@example.org> writes:
>> > My choice is to simply drop viruses. I don't expect to have any legit
>> > messages falsely identified as viral, and dropping the message simply
>> > removes waste from the network bandwidth and disk storage of the
>> > world. I see no need to push the bounce back at someone else,
>> > particularly since the offender is rarely the one punished in that
>> > case.
> Drop /after/ accepting? Would that not mark you (in the virus' eyes,
> anyway) as a potential target?
The virus doesn't give a flying fsck if no MTA answers, if it gets a
4xx or 5xx error, if I accept it, or the MTA responds that they're
being redirected to Abu Gharib. They'll keep trying repeatedly no
> What with viruses having their own builtin SMTP engines these days
> and hence knowing for sure what response was given to the SMTP
> session, is that not potentially inviting future, smarter viruses
> (with memories for this sort of thing) to hit you first?
If they're smart, no, because they're getting a 5xx error...
>> Which is why I reject at SMTP. Doesn't push a bounce back to forged
> I should have said - I've followed Paul's instructions on ursine.ca to
> set this up, and am consequently rejecting at SMTP time.
> I'm unsure as to the difference between accepting a mail and
> bouncing later and rejecting at SMTP time as far as murphy is
> concerned. (I'm fine with the general difference for normal mail.)
It hasn't caused me problems.
> Can anyone venture an opinion? Do both bounces (is it correct to
> call a 5xx reject a "bounce"?)
No, a bounce is when you're getting an automated answer or get
forwarded elsewhere without human intervention. A 5xx SMTP response
is more properly called a reject.
Linux. You can find a worse OS, but it costs more.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
-----END PGP SIGNATURE-----