At work, I get to read the helpdesk mail. The number one request today..
"I got this mail telling me I sent a mail with a virus! Help!"
Apparently, E-mail virus scanners still don't flag certain virus
types as "fakes From: addresses" and will send a reply on recieving
Outlook virusses telling a virus was found, to a From: address which
is an innocent third party.
Yes, I call them Outlook virusses because Outlook made e-mail virusses
It is August 2003. Outlook virusses have been widely known since April
2000 (the ILOVEYOU worm) and many of them fake the From: addresses using
addresses found on the infected system.
SysNet Mail Filter has this bug.
Norton AntiVirus For Microsoft Exhange has this bug.
Content Technologies SMTPRS has this bug.
TrendMicro AntiVirus has this bug.
ravmd has this bug.
"Scenarios" has this bug.
Symantec AntiVirus has this bug.
AMaViS has this bug.
ScanMail for Lotus Notes has this bug.
"AntiGen" has this bug.
ScanMail for Microsoft Exchange has this bug.
RAV AntiVirus for Linux has this bug.
Kaspersky Anti-Virus (KAV) for Linux Server has this bug.
Antiviral Toolkit Pro has this bug.
eSafe has this bug.
Brightmail Anti-Virus Technology has this bug.
MailScanner Email Virus Scanner has this bug in older versions. Update!
(more updates follow as I find more in my e-mail or get notified by others)
And the virusscanner that does know when not to reply via mail:
chromatic, technical editor of the O'Reilly Network proposes a
One Question Certification Tests for E-Mail Filter Authors
because he gets flooded with those same stupid responses.