> > As you surely know, a 5xx is sent back to the return-path, and it is > almost always faked... >
True, but you are issuing a 550 to the sending server, which in turn is responsible for delivery of the MAILER-DAEMON to the return-path. Your server is not sending the non-deliverable, therefore no one will bitch at you to begin with. However, viruses (read 'worms') do not use SMTP servers from where the return-path says its coming from, they normally use their own SMTP engine, so you'll be saying '550 denied' to the SMTP engine of the worm, not to a legit mail server. The worm's smtp engine is not going to send a DSN or Non-Deliverable to the return path like a legit server would. If a legit mailer was sending a virus, their sending server would be doing the delivery, so I would issue a 550 to the sending server, which in turn will send a non-deliverable to the return-path, which if it's a false-positive on the virus detection, worse things have happened. FYI: Qscanq 550's detected viruses. You'll probably see the reasoning discussed on their list (if they have one) if this doesn't suffice for you. Dallas ------------------------------------------------------- This SF.Net email is sponsored by Sleepycat Software Learn developer strategies Cisco, Motorola, Ericsson & Lucent use to deliver higher performing products faster, at low TCO. http://www.sleepycat.com/telcomwpreg.php?From=osdnemail3 _______________________________________________ Qmail-scanner-general mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/qmail-scanner-general
