|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: Clueless anti-virus products/vendors (was Re: Sober)
On Dec 6, 2005, at 8:19 AM, Todd Vierling wrote: Holding at the data phase does usually avoid the need for a DSN, but this technique may require some added (less than elegant) operations depending upon where the scan engine exists within the email stream. Waiting for the scan to complete adds stack overhead (assuming a good black-hole list is being used). Albeit small, there is never 0% false detections of malware. It would seem that when a DSN is required, as a general practice, the DSN should not include message content. This should at least thwart this vector being used to spread malware and spam. Preventing the spread of a virus seems key. There is always BATV to clean-up spoofed bounce-addresses in the meantime.On Mon, 5 Dec 2005, Douglas Otis wrote:A less than elegant solution as an alternative to deleting the message, isContrary to your vision of this option, it is not only elegant; it happens -Doug
|