[Asrg] virus detectors, was where the message originated
SM
sm at resistor.net
Wed Jan 14 07:56:34 PST 2009
At 04:01 14-01-2009, John Levine wrote:
>When I catch a virus and the sending IP is one for whom I have a known
>contact address, I send off an autoreport with the first 50 lines of
>the virus (in case they're wondering what virus it is), and the first
[snip]
>Nonetheless, I have problems all the time with my reports being
>rejected by poorly written virus filters. In one case they've been
>adding me to a virus sending blacklist, telling me that even though
>they know I'm not sending viruses, their AV detects it so it must be
>my fault. Sheesh.
You also get that kind of reply (if detectors says so, then it must
be true) about spam.
At 01:24 14-01-2009, David Wilson wrote:
>I would be surprised if a non-malicious message would fall foul of AV
>software unless it contained some kind of executable content. It should
>not be surprising that a message with executable content runs into
>problems.
The usual document formats (PDFs, .doc, etc) are also scanned for
viruses nowadays. They can fall foul of Anti-virus software. The
report (see first paragraph above) would have helped in identifying
problems if the postmaster actually cared about mail delivery.
Regards,
-sm
More information about the Asrg
mailing list