[87165] in North American Network Operators' Group
Re: Clueless anti-virus products/vendors (was Re: Sober)
daemon@ATHENA.MIT.EDU (Edward B. Dreger)
Wed Dec 7 21:07:10 2005
Date: Thu, 8 Dec 2005 02:06:40 +0000 (GMT)
From: "Edward B. Dreger" <eddy+public+spam@noc.everquick.net>
To: nanog@merit.edu
In-Reply-To: <8405970D-ECAD-402D-A10A-2D72EB2F1F70@mail-abuse.org>
Errors-To: owner-nanog@merit.edu
DO> Date: Wed, 7 Dec 2005 17:02:51 -0800
DO> From: Douglas Otis
DO> > Hmmmm. BATV-triggered bounces. Virus triggers forged bounce which in
DO> > turn triggers "your DSN was misguided" bounce. Perhaps the bandwidth
DO> > growth of the '90s will continue. ;-)
DO>
DO> BATV should not trigger any bounce as this only changes the local-part of
DO> the bounce-address (a.k.a return-path). BATV allows quick rejection of the
DO> session when a spoof is detected before any message is exchanged. This
I've read the spec.
DO> should alleviate your concerns about bandwidth. It would also depreciate
I usually don't use humor-related smileys when I'm worried.
DO> this tactic and further reduce related traffic. Being sensitive about
DO> spoofed DSNs, one would expect to hear accolades for BATV rather than
DO> berating.
Wouldn't it be nice to let people know their DSNs are misplaced? Or
does that only apply to viruses and worms? ;-)
So much for "be conservative in what you send and liberal in what you
accept". Yes, BATV helps block the errant DSNs. It's just a shame that
we seem to be shifting responsibility to the recipient, treating the
symptom instead of the disease.
Eddy
--
Everquick Internet - http://www.everquick.net/
A division of Brotsman & Dreger, Inc. - http://www.brotsman.com/
Bandwidth, consulting, e-commerce, hosting, and network building
Phone: +1 785 865 5885 Lawrence and [inter]national
Phone: +1 316 794 8922 Wichita
________________________________________________________________________
DO NOT send mail to the following addresses:
davidc@brics.com -*- jfconmaapaq@intc.net -*- sam@everquick.net
Sending mail to spambait addresses is a great way to get blocked.
Ditto for broken OOO autoresponders and foolish AV software backscatter.
