On Friday 06 January 2006 10:35, Steven Spence wrote: > Jeremy Kitchen wrote: > >>I wouldn't say never. If you had authenticated SMTP set up you could > >>always send the notification back to the sender using the username > >>supplied during the SMTP authentication process. After authentication > >>has succedeed of course. :) > > > > rejecting the message should alert the user that something is wrong. > > Most MUAs will say "hey! they didn't take my mail!" and only outlook > > won't tell you why. > > > > 5xx Message rejected because of infection with Worm.YouSuck.Loser > > Well, rejecting a message does alert the user if the user is sitting behind > their mail client that sent it. Most viruses have their own engines to > send out copies of itself. While the 5xx response message is still sent > back it never makes it to the person using the computer to make them > aware of the rejection.
that's why you also have a log watcher on your SMTP logs that checks if one of your own users is attempting to send viruses. You then match up their IP address and the timestamp with the radius logs (assuming a dialup ISP) and pick up the telephone. -Jeremy -- Jeremy Kitchen ++ [EMAIL PROTECTED] In the beginning was The Word and The Word was Content-type: text/plain -- The Word of Bob.
pgpYgPhDRHlAM.pgp
Description: PGP signature
_______________________________________________ http://lurker.clamav.net/list/clamav-users.html
