On 06 March 2002, Ken Bailey said:
> I query the wisdom of using "return message".
>
> In the event that a trojan forges the sender address (eg using valid
> address book entries), surely you risk sending a live virus 'back' to
> an innocent member of the infected sender's address book?
But Exim won't return the viral message in its original, dangerous,
MIME-encapsulated form. All the MIME headers that triggered the virus
detection are out in the open now, and -- omitting the possibility of
MUAs that deliberately go looking for trouble by interpreting non-MIME
messages as MIME [1] -- the recipient should be safe.
[1] I can just see Outhouse doing this...
Greg
--
Greg Ward - software developer gward@???
MEMS Exchange http://www.mems-exchange.org
