[unisog] Virus droppings and unresolvable domains - your input.

Dave Ellingsberg dave.ellingsberg at csu.mnscu.edu
Tue Mar 2 19:19:42 GMT 2004


We are inacting new firewall rules that stop most [90%+] of outbound
virus related mails.  If the outbound mesages are not from known
mailservers it is discarded at the perimeter.  No junk messages, no
report to users.  If you need to send to another mailserver and you can
not forward through the campus server we have a host that will forward
for all our address space.

Its long past time that just anybody can set up a mail server, so why
allow all of your namespace this luxury?  Stop it on the way out.  No
need to deal with abuse, spam or the latest internet nerd who threatens
to sue you cause one of your boxes used his domain name.  No need to try
to explain to users at all levels how the latest virus spoofs the
address and that the bounces you are getting can be ignored.

Just got fed up chasing our tails all week.

bigfoot

>>> Paul Russell <prussell at nd.edu> 3/1/2004 4:22:35 PM >>>
Thomas DuVally wrote:
> 
> 1) We deliver all those virus messages (cleaned, of course) that are
> generated by viruses themselves (mydoom, sobif, klez ...) to our
users.

Given the nature of mass-mail viruses, there is nothing of value to
the
recipient in the message, and there is the risk that the volume of
mass-mail
virus carrier messages delivered to a single mailbox might result in
an
effective denial of service to that user. Consequently, we discard
mass-mail
virus carrier messages.




More information about the unisog mailing list