[60938] in North American Network Operators' Group
RE: To send or not to send 'virus in email' notifications?
daemon@ATHENA.MIT.EDU (John Ferriby)
Wed Aug 20 10:41:27 2003
From: "John Ferriby" <john@ferriby.com>
To: <nanog@merit.edu>
Date: Wed, 20 Aug 2003 10:32:24 -0400
In-Reply-To: <3F4384D8.7060400@ttec.com>
Errors-To: owner-nanog-outgoing@merit.edu
> Considering the amount of email traffic generated by responding to
> forged virus laden email from culprits like sobig should email virus
> scanning systems be configured to send notifications back to
> sender or not?
IMO: No. I have had around 200 of these alerts this morning alone,
most of which originate from POSTMASTER@somedomain which received
email using my forged address. I can't blithely ignore the
postmaster, but I'm sorely tempted to filter them.
Side note: I'm seeing about a 20x increase in smtp traffic over
the daily norm.
-John
