LinuxQuestions.org


J_Szucs 05-11-2004 10:49 AM

False virus warnings - can we do something against them?
 
We receive far too many viruses nowadays from the internet, but our mail system is tightly secured, and none of them can get through.

However, we get more false virus notifications from badly configured mail servers saying "You sent us a virus" than actual viruses! Since these are legal mails, these notifications are allowed through to the users.

You would be highly frustrated by this fact, too, if you had a boss like mine, who is able to call for me for the hundredth time, looking at me suspiciously and telling me: look, they say I sent them a virus!
I tell him for the hundredth time how to find out if the referred mail was actually sent by him (it never happens), but he will call me the next time with the same stupid question.

Nowadays, I just realized that it is not he who is to be blamed: users were always stupid and this is something that never changes.

The problem lies with the system administrators of those mail servers sending out these false virus notifications.

They not only configure their foolish notifications, but, on top of it all (and in growing numbers), they tend not to send you the header of the viral mail, so you will have nothing to find out what they are speaking about.

The same guys will configure their mail servers to send the whole mail back to the (spoofed) sender if it was sent to a non-existing addressee. Consequently their mail server will operate as a viral mail relay for anyone on the internet.

How can these administrators think these notifications have the least chance to get to the real sender of the viral mail?
Why do they not realize that their mail server is relaying viruses for the internet?

Or, a rather philosophical question: why is every single idiot allowed to configure mail servers?
They do almost as much harm as virus writers: they rob bandwidth and time.

I would be glad if they were only those stupid Windows guys, but nowadays I see more and more badly configured mail servers using Linux.

This is a great site with more than 100k users.

Could you do something for these guys to make them aware of what they are doing?

jailbait 05-12-2004 10:46 AM

"However, we get more false virus notifications from badly configured mail servers saying 'You sent us a virus' than actual viruses!"

Here is a story that might be helpful:

http://www.tomshardware.com/hardnews...12_103202.html

-------------------------
Steve Stites

320mb 05-12-2004 11:41 AM

Quote from the above story:
Quote:

OptInRealBig.com claims that its emailings stay within the law and are sent out only to people in the US who sign up for the service. According to Richter, more than 100 million emails are sent every day from his servers which are all located in the US.

I seriously doubt this many Americans opted in to get this guy's garbage email!!

J_Szucs 05-13-2004 06:09 AM

It is a sad thing to happen.

However, spam is another story; users more or less got used to it, so no user will go to you saying: "look, I think I got a spam".

But the users will bother you (the system administrators) any time they suspect that their system is infected. And those false virus notifications make them think that.
This does not change, no matter if I try to write or tell my users not to believe these notifications; they are still anxious any time they get one.

That is why I blame those system administrators who - out of deep ignorance - configure their mail servers to send out useless and false virus notifications.

J_Szucs 05-17-2004 10:32 PM

OK, I have set up procmail to trash any mail that seems to be a virus warning.

Now those guys can do what they want.
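The thread describes two steps: recognising an automated "you sent us a virus" notice, and checking whether the mail it refers to really left your own server. The Python sketch below is an added example, not the poster's procmail setup. It assumes your MTA stamps a known domain (the hypothetical `mail.example.org`) into outgoing Message-IDs; the header patterns and sample messages are constructed for illustration.

```python
import email
import re
from email import policy

# Assumption: the domain our own MTA puts in outgoing Message-IDs (hypothetical).
OUR_MSGID_DOMAIN = "mail.example.org"

# Heuristics for an automated virus notice (illustrative, tune for your site).
NOTICE_SUBJECT = re.compile(r"virus|infected|worm", re.I)
AUTO_SENDER = re.compile(r"mailer-daemon|postmaster|amavis|antivirus|scanner", re.I)
# Message-ID lines quoted anywhere in the notice body, optionally "> "-prefixed.
QUOTED_MSGID = re.compile(r"^[>\s]*Message-ID:\s*<[^@>\s]+@([^>\s]+)>", re.I | re.M)


def classify(raw: str) -> str:
    """Return 'deliver' (not a notice), 'review' (cites our Message-ID)
    or 'discard' (notice with no evidence the mail came from us)."""
    msg = email.message_from_string(raw, policy=policy.default)
    if not (NOTICE_SUBJECT.search(str(msg.get("Subject", "")))
            and AUTO_SENDER.search(str(msg.get("From", "")))):
        return "deliver"
    # Only body parts are searched, so the notice's own Message-ID is ignored.
    text = "\n".join(
        part.get_content() for part in msg.walk()
        if part.get_content_type() in ("text/plain", "text/rfc822-headers"))
    domains = {d.lower() for d in QUOTED_MSGID.findall(text)}
    return "review" if OUR_MSGID_DOMAIN in domains else "discard"


def _sample(sender: str, subject: str, body: str) -> str:
    """Build a constructed test message."""
    return f"From: {sender}\nTo: boss@example.org\nSubject: {subject}\n\n{body}\n"


# Constructed sample messages, not real traffic.
BACKSCATTER = _sample("MAILER-DAEMON@gw.example.net", "VIRUS FOUND in mail you sent",
                      "Scanner report.\n> Message-ID: <abc123@dsl-host.example.com>")
NO_HEADERS = _sample("antivirus@gw.example.net", "You sent us an infected file",
                     "Your message was blocked.")
FROM_US = _sample("postmaster@partner.example.net", "Virus alert",
                  "Original headers:\nMessage-ID: <20040511.1@mail.example.org>")
NORMAL = _sample("alice@example.net", "Lunch on Friday?", "See you at noon.")

if __name__ == "__main__":
    for name in ("BACKSCATTER", "NO_HEADERS", "FROM_US", "NORMAL"):
        print(name, "->", classify(globals()[name]))
```

A Message-ID quoted in a notice can itself be forged, so "review" means an administrator should confirm it against the outbound mail log rather than treat it as proof.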


All times are GMT -5.