[vox-tech] the answer to all my virus problems

vox-tech@lists.lugod.org vox-tech@lists.lugod.org
Sat, 20 Sep 2003 18:30:24 -0700 

On Sat 20 Sep 03,  6:22 PM, Gabriel Rosa <grosa@ucdavis.edu> said:
> On Sat, Sep 20, 2003 at 06:15:32PM -0700, p@dirac.org wrote:
> > On Sat 20 Sep 03,  6:15 PM, Ken Herron <kherron@newsguy.com> said:
> > > --On Saturday, September 20, 2003 04:24:56 PM -0700 Rod Roark 
> > > <rod@sunsetsystems.com> wrote:
> > > 
> > > >Cool.  I wonder if there's an easy way to get Postfix to
> > > >notice these attachments at the front door, and drop the
> > > >connection before all 150K or whatever have been received.
> > > 
> > > Well, if the remote end sees the connection drop in mid-session, it'll 
> > > typically save the message and try to deliver it again later. So this 
> > > feature wouldn't be all that useful.
> > > -- 
> > > Ken Herron
> > 
> > why not?
> > 
> > let them huff.  let them puff.  and after 3 days, they'll give up on the
> > delivery.
> > 
> 
> The point being that 3 days of huffing and puffing might end up costing you
> more bandwidth than if you just swallow the message :)
> 
> -Gabe

but once the string is noticed, the connection is dropped.  compare the
string size of:

   4fug4AtAnNIbg

with the size of this: 

  28     Sep 19 MS Corporation  (2182) Latest Internet Critical Upgrade

which one do you think is bigger?  the real question is, by how many
orders of magnitude?   ;-)


no, i don't think so.  anyway you slice it, short of a full blown DOS
attack, i think a 13 byte string can be transered many times before it
becomes beneficial to eat a latest internet critical upgrade.

not to mention the fact that in a best case scenario, the system admin
of the remote system will get an email about a frozen message being
given up on.  he'll go investigate and notice "ohmigosh, i have a
virus!".  then he'll be so disgusted with the whole virus thing, he'll
go out and install linux on all the companies servers.  the money they
saved go into profit statements, which raise the value of their stock.
people notice the stock of the company is starting to rise and they want
a piece of the action.  the extra cash flow leads to higher production
and more income.  the business starts to flourish and the hire unix
system admins and programmers by the droves.  in fact, the hire you.
they pay you $250,000 per year to do opengl renditions of their product.

all because you drop the connection after a 13 byte string gets
transfered.

you'd be NUTS not to do it...

pete

-- 
GPG Instructions: http://www.dirac.org/linux/gpg
GPG Fingerprint: B9F1 6CF3 47C4 7CD8 D33E 70A9 A3B9 1945 67EA 951D