ietf-asrg
[Top] [All Lists]

Re: [Asrg] where the message originated

2009-01-15 18:54:30
On Thu, Jan 15, 2009 at 05:12:04PM +0000, David Wilson wrote:
What I am talking about is messages for which the content is reported by
AV software as being infected. The probability that such a message is
not harmful is likely to be very, very small. A system should behave
responsibly with such a message, and not risk sending it in a bounce
message anywhere. Rejecting it might result in the generation of such a
bounce, if you have received the message from an intermediate MTA.

But this is exactly the opposite of the situation here.  You can
send Windows malware here all day long and nothing will happen except
maybe bemusement: there are no Windows systems here.

"harm" is not an absolute.  Not everyone's environment is the same.

Moreover, trying to guess what someone else's mail system will do is
pointless, and trying to correct it if you think it's wrong is futile.
All you can do is *your part*, which is to reject with an appropriate
error message and move on.

(And as a practical matter, if it's not a real mail server talking to
you, then it's not going to generate a bounce.  If it *is* a real mail
server talking to you, and it's trying to deliver malware, then it's
probably already so badly hosed that nothing you could possibly do or
not do will make it any worse.)

---Rsk
_______________________________________________
Asrg mailing list
Asrg(_at_)irtf(_dot_)org
http://www.irtf.org/mailman/listinfo/asrg