[TriLUG] Blocking Attachments in Exim/A really wack network admin

[Tanner Lovelace]

David A. Cafaro said the following on 4/10/04 10:09 AM:
> Unfortunately using REJECT on these emails because they have viruses
> will still cause a deluge of useless email info to victim parties.  They
> may not be getting a warning that so and so email contains a virus,
> instead they will get an email saying so and so email was rejected (an
> email they never sent).  Again, just a lot of lost bandwidth and
> confused users wondering why they are getting messages about emails they
> never sent (I know this first hand by explaining often to users what has
> happened, that it isn't them, and to ignore it, over and over..).  If
> there is the ability to identify the virus emails and just dump them to
> /dev/null, that is the best solution.  Maybe you could try tracing down
> the relaying server and alert them?

Rejecting with the appropriate mail code will not cause any bounces if
the e-mail is being sent by the viruses own engine.  If it comes from
a regular mail server, then that mail server is misconfigured and shouldn't
be accepting virus e-mail anyway.  If the mail admin is looking at his
logs, s/he will see the rejects and hopefully notice that their server
is misconfigred. The mail server doing the rejecting isn't sending any
e-mails, it's just saying it won't accept the e-mail. Silently discarding
the e-mail, besides being in violation of the SMTP spec, isn't a good
solution because in case it is a valid message, there's no way for the
sender or the recepient to realize that it was dropped.  That is unacceptable,
especially if it's an ISP doing the dropping.

Cheers,
Tanner
-- 
Tanner Lovelace       | Don't move! Or I'll fill ya full of... little
lovelace at wayfarer.org | yellow bolts of light! - Commander John Crichton