[59370] in North American Network Operators' Group
Re: Weird email messages with "re:movie" and "re:application" in the subject line..
daemon@ATHENA.MIT.EDU (Steven M. Bellovin)
Thu Jun 26 14:33:28 2003
To: John Payne <john@sackheads.org>
Cc: Eric Brunner-Williams in Portland Maine <brunner@nic-naa.net>,
Larry Rosenman <ler@lerctr.org>,
Mark Segal <MSegal@Corporate.FCIBroadband.com>,
"'nanog@merit.edu'" <nanog@merit.edu>
Date: Thu, 26 Jun 2003 14:32:51 -0400
From: "Steven M. Bellovin" <smb@research.att.com>
Errors-To: owner-nanog-outgoing@merit.edu
In message <2147483647.1056635153@[192.168.1.102]>, John Payne writes:
>
>
>--On Wednesday, June 25, 2003 23:37 -0400 "Steven M. Bellovin"
><smb@research.att.com> wrote:
>
>> And I've gotten bounces from mail allegedly from me. It's not L3's
>> fault; this particular worm forges From: lines on its email.
>
>fault is debatable. Because forgeries are now so common, particularly in
>worms, why would you send these notifications to anyone other than the
>recipient? Let the human decide if the right thing to do is notify the
>sender.
>
>
Personally, I blame the anti-virus companies who market the software.
They know which viruses forge From: lines; why should their "alert the
poor infected fool" software send notes to folks whose addresses are
being spoofed?
--Steve Bellovin, http://www.research.att.com/~smb (me)
http://www.wilyhacker.com (2nd edition of "Firewalls" book)
