Hi Guys, It seems to me a lot of virus scanners picked up this behavior in the days of the "I Love You" and Melissa viruses, when virii tended to infect documents rather than be self-propagating worms. We haven't lived in a world where its likely a legitimate sender is unwittingly sending infected documents for awhile. It'd be nice if the AV/MTA vendors would take this feature out, or AV the message before they accept the DATA section and leave it to the sending mail server to bounce it. -J -----Original Message----- From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu] On Behalf Of Chris Adams Sent: Thursday, August 02, 2007 8:22 PM To: nanog@merit.edu Subject: Re: Gwd: crypted document Once upon a time, Hex Star <hexstar@gmail.com> said:
Why would someone in the ISP industry try to spread a virus? Ironically I suppose a ISP admin may have their own computer infected... :P
Why would someone assume that the sender in a virus email is valid? Also, I want to thank all those with auto-responders that respond to list email for letting me know about this message to NANOG. -- Chris Adams <cmadams@hiwaay.net> Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble. !SIG:46b294c9156537812920785!