| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 03 Feb 2004 23:57:06 +0100 From: Casper Dik <casper@...land.sun.com> To: David Brodbeck <DavidB@...l.interclean.com> Cc: "'Daniele Orlandi'" <daniele@...andi.com>, bugtraq@...urityfocus.com Subject: Re: RFC: virus handling > > >> -----Original Message----- >> From: Daniele Orlandi [mailto:daniele@...andi.com] > >> I use amavisd-new which has support for listing viruses/worms >> that fake >> the sender's email address. Unfortunatelly the list is external to the >> actual virus scanner and has to be updated manually. > >Given that the majority of new viruses forge the sender's email address, I >think the reverse would make more sense -- have a list of viruses that >*don't* forge, and only send notifications for those. Considering that virus scanners still operate using signatures, it seems logical to include a flag for each specific virus so that when it is recognized the virus software knows that they shouldn't bother me. (A, and yes, it is a lot of fun that those virus scanner vendors sell *localized* versions of their software so I've now had them tell me in more languages and character sets than I care to remember how bloody incompetent they are.) Casper
Powered by blists - more mailing lists