Re: virus and/or spam alert

[John Clement <clement@HAL-PC.ORG>]

> > The return address is optional
> > information and is easily changed in any good mailer.
>
> Again, strictly speaking, there is no such thing as a return
> address.  There is a Reply-to: field, plus a Sender: field
> and various other goodies.  Reference:  op.cit.

I used the same term that was mentioned in the previous message and tried to
avoid the technical terms.  I have read many of the relevant RFCs, and I
have written some intenet protocol programs.

> > The from address ... not easily changed in regular mailers,
>
> Huh?  It's two clicks in the Netscape mailer.
Ok, when I was thinking about the from address I was thinking of the POP
model which is one of the most prevalent models for E-mail transmission.
This particular model binds the user to one mailing point.  As far as
forwarding goes many systems are now restricting this feature to prevent
being used as relays for unsolicited messages.  The two  POP servers that I
use do not allow relays from outside sources and all mail then appears to
originate from the one address.  They only pass messages from inside to
outside or in reverse.  Part of the problem on the internet is that many
relay machines have been configured to allow relaying of any mail messages
from any source.  My messages all come from the same POP/SMTP server so they
could be easily verified.  The server allows me to pick up mail from
anywhere on the internet but will only allow me to send mail from my own
machine which is directly liked to my ISP.  I have not tested to see if my
ISP allows direct SMTP communication instead of through their server.

Yes it would be more difficult when the machine has different assigned IP
addresses, so then an address and mask might be necessary for validation.
This does not prevent spoofing by other machines within the same group, but
it does cut down on the possibilities.

Some of the current arrangements which provide freedom on the internet may
eventually have to be sacrificed in order to achieve better order and
security.  Eventually the probability of getting a destructive virus may
outweigh some of the inconveniences of providing better security.  At the
moment many machines on the internet do not check to see if messages are
correctly formatted.  My boss had a Mac which was sending mail without the
proper time stamp.  It worked for almost all recipients except for one at
Berkely (I think).  It took quite a while to find that he had not set the
timezone so the time was omitted.  Now if all recipients had bounced the
messages when incorrect it would have been found quickly.

One suggestion was made that messages could be limited to restrict
attachments, and the length of messages could be restricted.  If messages in
anything other than plan text with no attachments were bounced, there should
be no possibility of virus transmission.  The message length should be
irrelevant.  Of course that would bounce messages from some users until they
learned how to setup their mailers correctly.  Plain text should not even
require any virus scanning.  This is assuming that all of the recipient
mailing programs do not have some foolish back doors open.

I currently use an E-mail virus scanner and my ISP also scans with a
different brand of scanner.  In addition I have a tightly configured
firewall and a pretty good sandbox program.  Finally while I use Outlook, it
has the patch which removes all scripts and executables.  Am I really
safe???  Probably not, but I never open unknown attachments, and I have not
gotten a virus yet.  Does the security cause inconvenience?  Yup, but I get
used to it.  BTW I have a password on the firewall to prevent my teenage son
from changing it.

John M. Clement
Houston, TX