[33400] in bugtraq
RE: RFC: virus handling
daemon@ATHENA.MIT.EDU (David Brodbeck)
Wed Feb 4 05:51:57 2004
Message-ID: <C823AC1DB499D511BB7C00B0D0F0574C58467A@serverdell2200.interclean.com>
From: David Brodbeck <DavidB@mail.interclean.com>
To: "'Daniele Orlandi'" <daniele@orlandi.com>, bugtraq@securityfocus.com
Date: Tue, 3 Feb 2004 10:50:58 -0500
MIME-Version: 1.0
Content-Type: text/plain;
charset="iso-8859-1"
> -----Original Message-----
> From: Daniele Orlandi [mailto:daniele@orlandi.com]
> I use amavisd-new which has support for listing viruses/worms that fake
> the sender's email address. Unfortunately the list is external to the
> actual virus scanner and has to be updated manually.
Given that the majority of new viruses forge the sender's email address, I
think the reverse would make more sense -- have a list of viruses that
*don't* forge, and only send notifications for those.