Re: [Exim] MyDoom filtering?

Top Page
This message is part of the following thread:
M-----\the complete thread tree sorted by date
M++++\M\Alan J. Flavell at <-
MMMMMMMMWalt Reed at ->
Delete this message
Reply to this message
Author: Nico Erfurth
Date:  
To: Alan J. Flavell
CC: exim-users
Subject: Re: [Exim] MyDoom filtering?
Alan J. Flavell wrote:

> But who will defend us from the absolute *storm* of misguided attempts
> to notify us that "we" (more correctly, someone else masquerading
> as us) have been sending out viruses? WE HAVE NOT.
>
> It would be great if we could all get together and thoroughly
> blacklist any site that's still playing this illogical game of sending
> virus notification (complete with an accurate identification of the
> virus, in most cases!!!) to the counterfeited address found in the
> envelope sender, when the virus in question is _known_ to counterfeit
> the sender (most of them do nowadays, anyway).

Which brings up another question, "To reject, or not to reject".
How do others handle virus-mails? Sending them into a blackhole,
rejecting them or saving them for later investigation?

Currently I'm rejecting mails that don't pass the virusscan or which
contain unwanted extensions (via exiscan), I know that this will most
probably turn into a bounce to someone, but I'm not a friend of
blackholing mails.

Nico



This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-Re: [Exim] Web Gui for EximRe: [Exim] keying off an ldap attribute and either failing...->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)