Re: [Exim] MyDoom filtering?

Pàgina inicial
Delete this message
Reply to this message
Autor: Nico Erfurth
Data:  
A: Alan J. Flavell
CC: exim-users
Assumpte: Re: [Exim] MyDoom filtering?
Alan J. Flavell wrote:

> But who will defend us from the absolute *storm* of misguided attempts
> to notify us that "we" (more correctly, someone else masquerading
> as us) have been sending out viruses? WE HAVE NOT.
>
> It would be great if we could all get together and thoroughly
> blacklist any site that's still playing this illogical game of sending
> virus notification (complete with an accurate identification of the
> virus, in most cases!!!) to the counterfeited address found in the
> envelope sender, when the virus in question is _known_ to counterfeit
> the sender (most of them do nowadays, anyway).


Which brings up another question, "To reject, or not to reject".
How do others handle virus-mails? Sending them into a blackhole,
rejecting them or saving them for later investigation?

Currently I'm rejecting mails that don't pass the virusscan or which
contain unwanted extensions (via exiscan), I know that this will most
probably turn into a bounce to someone, but I'm not a friend of
blackholing mails.

Nico