-----Original Message----- From: Arjen de Korte [mailto:suse-security@de-korte.org] Sent: Friday, June 04, 2004 11:24 AM To: suse-security@suse.com
Please folks, this is exactly the reason why you should NOT send bounces in reply to virusses. I'm very disappointed that SuSE is still not aware of the implications of this annoying behaviour. To summarize, only send warnings to authenticated senders otherwise you might be sending it to a spoofed sender address.
Ehm, just for the records. The virus warning you got was not a reply to the sender telling the sender he is probably infected, but a mail to the recipient that someone sent an infected e-mail to him. Theres usually no problem in doing so because its a notice to your own users. The mail you got was just a legit "User Unknown" bounce. The problem is that scanhost.suse.de does not know which users are legit for suse.de. Or even better Cantor.suse.de shouldn't even accept the message. Hint: relay_recipient_maps Hint ;) marc