[clug] [AUSCERT ALERT - Email worm W32.Beagle.A/Win32.Bagle.A]
Damien Elmes
clug at repose.cx
Tue Jan 20 01:29:01 GMT 2004
"Matthew Hawkins" <matt at mh.dropbear.id.au> writes:
> to spell that out loud since it seems many people just don't get it. It's up
> to the sending server to deal with the 5xx response it got from the recipient
> server.
There's no need to be inflammatory. The confusion earlier was based
upon the limited information initially available, not some fundamental
misunderstanding about the SMTP protocol.
Now you're well within your rights to reject email you're not
interested in, and yes, your servers are not directly generating any
additional email messages. But by doing so, you do risk badly
configured smarthosts generating bounce messages to forged
addresses.
By rejecting the mail instead of dropping or filtering it, you are
indirectly contributing to your problem. Perhaps you have decided the
collateral damage is outweighed by the benefits to your organisation.
Fair enough. But let's not pretend rejecting the mail is totally
inconsequential.
Regards,
--
Damien Elmes
More information about the linux
mailing list