[33382] in bugtraq
Re: RFC: virus handling
daemon@ATHENA.MIT.EDU (David F. Skoll)
Wed Feb 4 02:32:41 2004
Date: Mon, 2 Feb 2004 20:26:38 -0500 (EST)
From: "David F. Skoll" <dfs@roaringpenguin.com>
To: Pavel Levshin <flicker@mariinsky.ru>
Cc: Thomas Zehetbauer <thomasz@hostmaster.org>, bugtraq@securityfocus.com
In-Reply-To: <002201c3e6a7$fa738ef0$0f1fa8c0@squirrel>
Message-ID: <Pine.LNX.4.58.0402022024180.5507@shishi.roaringpenguin.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
On Thu, 29 Jan 2004, Pavel Levshin wrote:
> Antivirus software MAY be configured to send notifications to local senders
> and/or recipients, i.e. to domains which are handled by this server.
> Antivirus filtering software SHOULD NOT be configured to send out
> notifications to senders or recipients other than local, unless it
> distinguishes between faked and real addresses.
I would add:
"If anti-virus filtering software sends notifications to non-local
recipients, then the sender address of the notifications MUST be an
address that can be replied to, and this reply MUST reach a human
being."
Rationale: When my filtering software bounces all these stupid notifications,
I want a person to get stuck with all the bounce messages, thereby encouraging
him/her to turn off non-local notifications.
--
David.
