On Tue, 2 Jul 2002, Tabor J. Wells wrote:
> Although since sending your note with the iframe tag in the mail, we've
> received 13 anti-virus warnings to the list admin address. Since there are
> apparantly so many crappy email anti-virus products out there, perhaps next
> time you could just post a link to your favorite AV site writeup instead. :)
Hmmm. If you had sent an attachment which fell foul of the filter
at
ftp://ftp.exim.org/pub/filter/ , then the item would be bounced.
Presumably the bounce would go to the envelope-sender address, which
is exim-users-admin@???
Does that mean that the cited filter is "crappy"? I don't think so.
Doesn't that rather say something about the software which needs to be
protected from harm by the deployment of such filters?
Along these lines, we saw another mailing list where the following
scenario was played out:
1. mailing list sends a known virus to one of our users. We bounce
it.
2. mailing list automatically sends another copy of the mail,
including the virus, to the user, with a covering note saying excuse
me you seem to have bounced this the first time so we'll try again.
So far, so normal. Of course the executable-content filter bounced
that one too.
3. mailing list sends what it describes as a "probe", saying this is
to test your address and if you bounce this then we'll unsubscribe
you. Again this is quite normal in our experience - BUT this dumb
list went and appended yet another copy of the virus-infested mail to
the probe, consequently we bounced it again, and they unsubscribed
him. Of course the user never got any of these; the postmaster had to
pass the news on to him manually.
Mumble.
all the best
