The Wayback Machine - http://web.archive.org/web/20040402032704/http://www.oreillynet.com:80/pub/wlg/3682
O'Reilly Developer Weblogs
O'Reilly Network oreilly.com Safari Bookshelf Conferences
Articles Weblogs Newsletters Meerkat Learning Lab News

 
LinuxDevCenter.com
MacDevCenter.com
WindowsDevCenter.com
ONDotnet.com
ONJava.com
ONLamp.com
OpenP2P.com
Perl.com
WebServices.XML.com
XML.com


Developer Resources Partner

Perl
Java
Python
C/C++
Scripting
Web
Web Services
XML
Oracle
Networking
Security
Databases
Linux/Unix
Macintosh/OS X
Windows
.NET
Open Source
Wireless
Bioinformatics
The Missing Manuals


Traveling to
a tech show?

Canada Hotels
Discount Hotels
Hotel Search
California Hotels
Chicago Hotels
Hotel Discounts
Myrtle Beach Hotels



Atom Feed
RSS Feed
O'Reilly Open Source Convention: July 26-30, Portland, OR.

Most Recent | Webloggers | Topics | Top Weblogs   
Monthly Archives:    
One Question Certification Tests for E-Mail Filter Authors
chromatic

chromatic
RSS 1.0 feed for  chromatic. Atom feed for  chromatic.
Aug. 19, 2003 12:57 PM
Permalink

   Print.Print
Email.Email weblog link
Blog this.Blog this

URL: http://news.bbc.co.uk/1/hi/technology/3164861.stm

Sobig is back.

When I left my job as a system administrator back in 2000, I was glad never to deal with Windows boxes again, especially as two Windows viruses had recently decimated the internal network. (Yep, one in ten users had lost data.)

Several years later, only one computer I own has ever even had Windows on it, and that's because I bought it from a failing dot-com. (The hard drive was wiped before I bought it.) I guarantee I'm not spreading Sobig because I know Outlook and Outlook Express won't even install on any machine I own.

I can accept that there are Bad People on the Internet taking advantage of Unsecure Computers run by People Who Don't Know Better. That's why I have a firewall. I share a mail server with friends, and I read and send mail over a secure connection.

I also have mail filters, for obvious reasons. After I cleaned out over a hundred Sobig viruses this morning, I added a couple of rules to my filter and it's humming away (seven in the last ten minutes).

With that digression out of the way, I'd like to propose a simple certification examination for people who'd like to write new mail filtering and response systems. It's very simple, just one question. If you answer the question correctly, you're free to write your software. If you answer the question incorrectly, you cannot ever write mail filtering software. I'm sorry, but that's just the way it is.

The question is, can a From address be forged?.

There might be room for an advanced certification test that asks one more question, namely, if you detect a virus that forges From addresses, should you respond to the From address, knowing that it's likely forged?.

If the answers are obvious, you're probably overqualified to work on e-mail scanning software.

chromatic is the Technical Editor of the O'Reilly Network.

Return to weblogs.oreilly.com.




Sponsored by:

Creative Commons License This work is licensed under a Creative Commons License.
For problems or assistance with this site, email help@oreillynet.com