----- Original Message -----
From: "Douglas Otis" <dotis@mail-abuse.org>
To: "Todd Vierling" <tv@duh.org>
Cc: "Steven J. Sobol" <sjsobol@JustThe.net>; "Geo." <geoincidents@nls.net>; <nanog@merit.edu>
Sent: Friday, December 09, 2005 1:58 PM
Subject: Re: SMTP store and forward requires DSN for integrity (was Re:Clueless anti-virus )

On Dec 9, 2005, at 10:15 AM, Todd Vierling wrote:
1. Virus "warnings" to forged addresses are UBE, by definition.
This definition would be making at least two of the following assumptions:
1) Malware detection has a 0% false positive.
2) Lack of DSN for email falsely detected containing malware is okay.
3) Purported malware should be assumed to use a forged return-path.
4) The return-path can be validated prior to accepting a message.
5) SMTP should appear to be point-to-point.
6) MTAs with AV filters are the only problem.

Case in point, Doug. Current versions of Sober.U are sending mail from: ?@c-24-19-xx-xx.hsd1.wa.comcast.net (xx's to hide the actual host). I have a slew of these in my detected malware folder. I suppose that you'd prefer, by your reasoning, that I be sending DSNs to these addresses, knowing full well that they won't make it and will just clutter up Comcast's SMTP gateway with DSNs. I'm sure that they'd like that very much.

Mike P.