On Tue, 19 Feb 2002, Grimes, Roger wrote: > Your second option, although widely implemented by lots of SMTP solutions, > could cause more problems than it solves. I believe that if the message > isn't RFC-compliant and coded correctly, it should be rejected, period. You are probably right, but that breaks the "robustness principle": be conservative in what you do, be liberal in what you accept from others (RFC 793, referring to TCP, but a widely-held philosophy in Internet standards.) I think that reformatting the message as valid MIME is a reasonable compromise, because it should ensure that MUA's interpret the message the same way the scanner did. However, when I have time, I will add the option to my scanner to reject suspicious messages of any type. Long term, though, the only way around e-mail-borne malware is to stop using susceptible programs like Windows and Outlook. It is this last step that people are reluctant to take. -- David.
This archive was generated by hypermail 2b30 : Wed Feb 20 2002 - 08:44:31 PST