Hello list and Jason Haar,

A discussion on a local mailing list here
raised an interesting point regarding the
new psender functionality in qmail-scanner >= 1.21.

Previously, qmail-scanner sent notifications for
all incoming virus emails. This was prone to
SMTP forgery, but at least the senders of
legitimate emails that are falsely accused of
containing a virus would be notified that their
email had been quarantined. The down side was
that many inocent netizens were spammed with
"you sent us a virus" notifications.

However, now with the psender functionality
we silently quarantine all viruses without
notifying the sender in any way. The sender
has every right to assume that his email was
delivered successfully, even though it might
not have been delivered at all.

This would be perfectly acceptable if all AV
software yielded a 0% false positive rate.
However, we all know that just isn't the case.
False positives DO happen.

So why don't we change qmail-scanner to return
a 5xx SMTP error code and a short message when a
virus email is quarantined?

That way, a legitimate sender will instantly
know that there is a problem with his email,
instead of believing that the email was delivered
successfully. If the email does not really
contain a virus (i.e. false positive) then he
can contact the mail server's administrator
and have the problem fixed.

PROS: qmail-scanner still quarantines and blocks
      viruses.

      Virus sender knows that virus was not
      delivered successfully.

      We can still use psender functionality to
      avoid spamming incocent netizens with
      "you sent us a virus" notifications.

CONS: ???


What do you think?

-- 
Jesse Guardiani, Systems Administrator
WingNET Internet Services,
P.O. Box 2605 // Cleveland, TN 37320-2605
423-559-LINK (v)  423-559-5145 (f)
http://www.wingnet.net




-------------------------------------------------------
This SF.Net email is sponsored by Sleepycat Software
Learn developer strategies Cisco, Motorola, Ericsson & Lucent use to 
deliver higher performing products faster, at low TCO.
http://www.sleepycat.com/telcomwpreg.php?From=osdnemail3
_______________________________________________
Qmail-scanner-general mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/qmail-scanner-general

Reply via email to