North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: SMTP store and forward requires DSN for integrity (was Re:Clueless anti-virus )

  • From: Micheal Patterson
  • Date: Fri Dec 09 17:04:12 2005




----- Original Message ----- From: "Douglas Otis" <[email protected]>
To: "Todd Vierling" <[email protected]>
Cc: "Steven J. Sobol" <[email protected]>; "Geo." <[email protected]>; <[email protected]>
Sent: Friday, December 09, 2005 1:58 PM
Subject: Re: SMTP store and forward requires DSN for integrity (was Re:Clueless anti-virus )


On Dec 9, 2005, at 10:15 AM, Todd Vierling wrote:
   1. Virus "warnings" to forged addresses are UBE, by definition.
This definition would be making at least two of the following assumptions:

1) Malware detection has a 0% false positive.
2) Lack of DSN for email falsely detected containing malware is okay.
3) Purported malware should be assumed to use a forged return-path.
4) The return-path can be validated prior to accepting a message.
5) SMTP should appear to be point-to-point.
6) MTAs with AV filters are the only problem.
Case in point Doug.. Current versions of Sober.U are sending mail from: [email protected] (xx's to hide the actual host).
I have a slew of these in my detected malware folder. I suppose that you'd prefer, by your reasoning, that I be sending DSN's to these addresses, knowing full well that it won't make it and just clutter up comcast's smtp gateway with DSN's. I'm sure that they'd like that very much.

Mike P.