Re: MyDoom, Sorbig - Actions taken?

> I am getting a little peeve with your continued disrespect.
<yawn>.  And by your repeated verbose attempts to pass off ignorance as 
sophistication you're demonstrating _what_ exactly?
> Going back to the original question,  would this be YOUR method (using 
> MIME)
> to help solve or address your email virus problems being dump your way?
If vendors followed the spec, the only way that recipients' computers 
would be vulnerable to viruses would be if the recipients manually 
saved the attachment, and then manually launched it using a separate 
program.  It wouldn't completely keep viruses from propagating (there 
are some people stupid enough to do anything) but it would be 
sufficient to keep them from propagating quickly or widely.
> Rather to being so condescending, why don't you explain how layering 
> when
> adhered by the MUA will solve the problem of abusive transportation of
> viruses.
If the MIME specifications were followed, there would be no incentive 
to send email viruses in the first place, since there would be little 
chance of their propagating widely.  Miscreants would use other means 
to attack systems.
>    You are bent of this being an USER/MUA problem maybe that's
> because you are currently focus on "User needs."   Well,  I disagree.
That's because you don't know what you are talking about (either about 
my focus or about mail system design).
The MUA is the part of the system that represents the user's interests 
(as in, not having his computer attacked).  The MUA is the part of the 
system that knows about message content (as in, knowing the meanings of 
attachment types and what to do with them).  The MUA is the part of the 
system that has to adapt to, and learn how to handle, new kinds of 
content.  The MTS doesn't know about any of these things, and for good 
reason.  The MTS doesn't know about the characteristics of, or 
configuration of, end systems.  Content that is perfectly legitimate to 
one recipient is potentially harmful to another.  The MTS has no way of 
knowing the difference.
To expect an MTA to be better at filtering viruses than an MUA is to 
expect a part of the system that doesn't act on behalf of a recipient 
to represent the recipient's interests better than the recipient's MUA. 
 It expects the MTA to know almost as much about content as the MUA 
even though the MTA's job is to be transparent.  It expects MTAs to 
adapt as quickly to changes in content used by recipients as the 
recipient's MUAs.  It makes it harder to transmit new kinds of content 
over the Internet because it will require the upgrade of all MTAs in 
the path, and it therefore makes Internet mail less flexible and less 
useful.  A mail architecture that did that would expect ISPs to spend 
large sums of money to compensate for Microsoft's negligence.
Now, there's something to be said for security in depth, and having a 
virus filter near the recipient, say attached to the recipient's 
inbound SMTP server and message store, as a backup to accidental bugs 
in the recipient's MUA, probably does make some sense.  And if it's 
placed there then it can still be responsive to recipient's needs (as 
in, "yes, I really do need the message with the three .exe attachments 
delivered intact; I was expecting them and the message was digitally 
signed by the vendor who sent them to me.").  But you don't need 
support in SMTP to do that.
> You still have not address the question when MIME is not used for 
> attachment transportation via SMTP.
You solve that problem in the same way as for MIME attachments; it's 
just not in scope for the MIME spec to say that.
Keith