On Fri, 2004-05-14 at 07:58, Jason Haar wrote: > On Thu, May 13, 2004 at 03:07:40PM +1000, Adam Goryachev wrote: > > There are some dis-advantages that should be considered, which don't > > seem to have been noticed yet. Namely, *IF* a worm sent it's message > > using the configured SMTP relay, and the SMTP relay forwarded the > > message to a system configured to 5xx the virus, then it will correctly > > create a bounce message. This could in fact send a *known* virus > > infected email, including the attachment, to the 'supposed' sender, who > > may well wonder what attachment they sent to this person. > > Wow - good call. That is a serious issue. > > You will end up bouncing viruses to someone who isn't already infected with > a virus.
Yes, and this *may* be something some virus writer will take into account at some future date/time... However, there are some things which make this less of an issue than we might think: a) There are no current viruses that work this way, and it is unlikely a virus writer would write one just because QS does this. b) Hopefully if the mailserver bounced the email, it didn't allow the original attachment to be included such that the receiver's mail program can access it. ie, you always get at least a section of the original email on a bounce. You generally get the original email as well. I am not sure if you will also get the original attachment as well. Someone with better testing facilities than me will need to test this. Like I said, it would be nice if this was just another option available for people to use. We can't really determine all possible outcomes unless we actually do it, and see what happens. So, make it an option, allow some people to use it, then we can see what happens. If it causes more problems than it fixes, we can turn it off and refer people to the archives next time it is asked. Or, if it works so well that we all love it, then we enable it by default in some future version... Regards, Adam ------------------------------------------------------- This SF.Net email is sponsored by: SourceForge.net Broadband Sign-up now for SourceForge Broadband and get the fastest 6.0/768 connection for only $19.95/mo for the first 3 months! http://ads.osdn.com/?ad_id=2562&alloc_id=6184&op=click _______________________________________________ Qmail-scanner-general mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/qmail-scanner-general
