Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Programming > Python > Re: Frustration with spurious posts.

Thread Tools

Re: Frustration with spurious posts.

Posts: n/a
Alan Kennedy <(E-Mail Removed)> schreef:

> Bringing an end to the problem would probably involve a fairly
> substantial admin effort on the part of the admins.

No, it's the admins that run an antivirus on their mail server or the users
that use broken anti-virus/anti-spam tools that should fix their system.
It's plain stupid and irresponsible to bounce or send a mail back to a
*forged* and often randomly shuffled "From:" address, doubling or tripling
the mail traffic generated by the virus itself.

(I have even seen one system "bouncing" virus mails with the attachment
included, sending the virus to an innocent user...)


"Be strict when sending and tolerant when receiving."
RFC 1958 - Architectural Principles of the Internet - section 3.9
Reply With Quote
Anthony Baxter
Posts: n/a

>>> Alan Kennedy wrote

> Is there some sort of mail header that these virus checking gateways
> could examine, to see if the email is from a list, rather than an
> individual, before it sends these emails? Maybe we need to invent one,
> e.g.
> X-Dont-Send-Me-Virus-Reports: YES

Won't help - the virus that fakes '(E-Mail Removed)' (or Removed) - while it's old, I'm sure it's out there still)
won't generate this header.

Greg Ward's aware of the issue, and he's working on it - offers of
useful round tuits to help him wouldn't be a bad thing.

> > "Be strict when sending and tolerant when receiving."
> > RFC 1958 - Architectural Principles of the Internet - section 3.9

> Do this mean we should quietly tolerate the "you sent me a virus!"
> emails?

No, it means you should send very firmly worded "fix your ****ing
mail gateway" messages to the people sending back useless bounce

Anthony Baxter <(E-Mail Removed)>
It's never too late to have a happy childhood.

Reply With Quote
Stuart D. Gathman
Posts: n/a
On Sun, 06 Jul 2003 08:54:40 -0400, Alan Kennedy wrote:

> But if an email is sent from an individual to an individual, then such
> "you sent me a virus!" emails can be very useful information. It's only
> when an email address is associated with lots of subscribers that it
> becomes a problem. Or, as you pointed out, when the from address is
> forged.

The from address is always forged.

I get literally hundreds of bounces daily from various viruses. My
Bayesian filter had not yet learned to distinguish them from real bounces.
I did not send any of them. For the bounces that include the original email in
an rfc822 attachment, this can be verified by looking at the 'Recieved'
headers. It never went anywhere near my system. I don't even run Windows
- and these are Windows viruses.

I also receive email threatening bodily harm for sending spam. A less
clueless admin sent me email saying that he had contacted my ISP and had
my account cancelled - and included a ticket # to prove it. I looked at
the ticket, and there was indeed an account cancelled at some ISP I'd
never heard of. Since the admin was smart enough to look at the headers
to track down the real ISP, you would think he would be smart enough to
realize that any From headers in spam are completely bogus.

Sending any kind of reply to a spam or viral email is clueless and
counterproductive under any circumstances. All it accomplishes is
annoying yet another innocent bystander.
Reply With Quote

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
spurious DMZ Barrett Bonden Cisco 1 02-01-2006 05:50 AM
Status query: Java 1.5 Linux spurious mouse clicked events. Ian A. Mason Java 0 02-24-2005 04:15 AM
Re: spurious wakeup Markus Elfring C++ 10 11-30-2004 10:07 PM
Re: spurious wakeup Markus Elfring C++ 0 11-25-2004 11:34 AM
Spurious Access Mark St Laurent Cisco 6 10-01-2004 02:20 AM