Date: Tue, 13 Mar 2001 23:54:01 -0500 (EST) From: Jim Durham <durham@w2xo.pgh.pa.us> To: freebsd-security@freebsd.org Subject: Sophos and Virus return mail Message-ID: <Pine.BSF.4.21.0103132338550.27904-100000@shazam.int>
next in thread | raw e-mail | index | archive | help
Great discussion going on about Sophos and Amavis! This may be something I'm missing, but there are several virii that apparently send no "envelope from" address when they generate virus mail. One that comes to mind is the stupid "Snow White" thing. I went through the Amavis scan script and I see that if there is no "envelope from" address, it punts and sends the warning to "MAILER-DAEMON". This means you get a bazillion of these messages every day (We seem to have employees who appear in the address books of people with this virus!). Also, the person with the virus does not get the warning mail. I thought of rewriting the script to use the "From: " address to reply. I think that would usually work, but I'm not sure that address always appears either. Anyone done anything with this? Thanks, Jim Durham To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0103132338550.27904-100000>