[Asrg] enough about backscatter
John Levine
johnl at taugh.com
Fri Jan 16 02:50:54 PST 2009
>Therefore, if you always 5xx messages which are known to contain
>malicious content, some fraction of those rejections will result in
>notification messages which are likely to contain that malicious
>content.
... and as Chris has told you several times, that fraction has been
observed to be less than 1/1,000,000, orders of magnitude less than
the rejections that alert real users to false positives. So stop.
Perhaps it's time to amend the ASRG charter to exclude easily
visualized but actually hypothetical threats. If you disagree that
they're hypothetical, first you have to go get real data to support
your claim.
Regards,
John Levine, ASRG chair
More information about the Asrg
mailing list