virus-checking mail servers

having a mail server that checks your incoming (and outgoing!) mail for viruses is a very good thing.

having a mail server that sends bounce messages in response to viruses that are known to forge the message sender is a very, very bad thing.

as far as i can tell, i have received exactly zero copies of the latest sobig virus today because it has been blocked by various mail filters doing their job (mostly the klez_filter plugin for qpsmtpd). i have, however, received hundreds of bounce messages from mail servers as the result of the damn thing.

(by way of stats, my mail server rejected 42 mails with the klez_filter plugin. the server rejected 2377. i wish i had a little more time to play with tuning the spam filters on both machines, because the cat-and-mouse nature of it can be entertaining, but i unfortunately have better things to do.)

« august 18, 2003 8:17pm viruses that spoof the sender address »