[Top] [All Lists]

Re: Best practices to avoid virus and spam

2004-02-14 08:13:28

On Fri, Feb 13, 2004 at 02:04:31PM -0500, Keith Moore wrote:
but the SMTP server doesn't have any way of knowing that the mail
was a virus.  and it shouldn't have to suck down the message just
for the purpose of finding out.  

Yes, the MTA would not know upfront whether it is a mail with virus,
and it would need to receive all of the mail to find out whether it
is. I think we agree on that. Whether it then is advisable to do that
can be discussed, my opinion is that we should recommend this.

My opinion is that we should recommend exactly the opposite - that
sites should always reject mail before DATA if they have enough
information to do that.  The impact of sucking down all messages just to
do a virus is considerable.  And error reporting is much more reliable
if the error indication is returned in response to SMTP MAIL or RCPT
than if it is returned as a bounced mail message.

I know that your opinion is quite common, but it seems that my latest
mails on the issue, with all my wise words:-), have not been sent,
so I will send them again.

There are better ways to discourage viruses than to expect SMTP servers
to accept, detect, and discard them.

I am willing to discuss all ways on how to do this, I am fed up on them.
My discussion was actually not mainly on how to avoid virus, but how to
avoid bogus error messages on virus detection and related error

Anyhow I am interested in hearing what you propose to avoid virus.

Best regards