Mailinglist Archive: opensuse-security (297 mails)
| < Previous | Next > |
Re: [suse-security] Fwd: Undelivered Mail Returned to Sender
- From: "Marc Samendinger" <marc.samendinger@xxxxxxxxxxxx>
- Date: Sat, 5 Jun 2004 11:28:19 +0200
- Message-id: <D43A9EEA85408B488B879CA13DB803B00C4DF3@xxxxxxxxxxxxxxxxxxxxx>
> -----Original Message-----
> From: Arjen de Korte [mailto:suse-security@xxxxxxxxxxxx]
> Sent: Friday, June 04, 2004 11:24 AM
> To: suse-security@xxxxxxxx
>
>
> Please folks, this is exactly the reason why you should NOT
> send bounces in
> reply to virusses. I'm very disappointed that SuSE is still
> not aware of the
> implications of this annoying behaviour. To summarize, only
> send warnings to
> authenticated senders otherwise you might be sending it to a
> spoofed sender
> address.
Ehm, just for the records.
The virus warning you got was not a reply to the sender telling
the sender he is probably infected, but a mail to the recipient
that someone sent an infected e-mail to him. Theres usually no
problem in doing so because its a notice to your own users.
The mail you got was just a legit "User Unknown" bounce.
The problem is that scanhost.suse.de does not know which users
are legit for suse.de. Or even better Cantor.suse.de shouldn't
even accept the message.
Hint: relay_recipient_maps Hint ;)
marc
> From: Arjen de Korte [mailto:suse-security@xxxxxxxxxxxx]
> Sent: Friday, June 04, 2004 11:24 AM
> To: suse-security@xxxxxxxx
>
>
> Please folks, this is exactly the reason why you should NOT
> send bounces in
> reply to virusses. I'm very disappointed that SuSE is still
> not aware of the
> implications of this annoying behaviour. To summarize, only
> send warnings to
> authenticated senders otherwise you might be sending it to a
> spoofed sender
> address.
Ehm, just for the records.
The virus warning you got was not a reply to the sender telling
the sender he is probably infected, but a mail to the recipient
that someone sent an infected e-mail to him. Theres usually no
problem in doing so because its a notice to your own users.
The mail you got was just a legit "User Unknown" bounce.
The problem is that scanhost.suse.de does not know which users
are legit for suse.de. Or even better Cantor.suse.de shouldn't
even accept the message.
Hint: relay_recipient_maps Hint ;)
marc
| < Previous | Next > |