[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [suse-security] Fwd: Undelivered Mail Returned to Sender



> -----Original Message-----
> From: Arjen de Korte [mailto:suse-security@xxxxxxxxxxxx] 
> Sent: Friday, June 04, 2004 11:24 AM
> To: suse-security@xxxxxxxx
> 
> 
> Please folks, this is exactly the reason why you should NOT 
> send bounces in 
> reply to virusses. I'm very disappointed that SuSE is still 
> not aware of the 
> implications of this annoying behaviour. To summarize, only 
> send warnings to 
> authenticated senders otherwise you might be sending it to a 
> spoofed sender 
> address.

Ehm, just for the records.

The virus warning you got was not a reply to the sender telling
the sender he is probably infected, but a mail to the recipient
that someone sent an infected e-mail to him. Theres usually no
problem in doing so because its a notice to your own users.

The mail you got was just a legit "User Unknown" bounce.

The problem is that scanhost.suse.de does not know which users
are legit for suse.de. Or even better Cantor.suse.de shouldn't
even accept the message.

Hint: relay_recipient_maps Hint ;)

marc



-- 
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here