Clueless Mail Administrators

This really speaks for itself. Not only did the admins of this domain screw up by setting up their e-mail antivirus system to "bounce" detected virus messages (and as most of you know, the "From:" and "Return-Path:" headers in such viruses are nearly always forged/random), when I tried to notify them of it, the message bounced: their mail server was down! Also notice the "From:" line of the bounce had our domain, not theirs,. as the return address. Grr!!

I've used the nonexistent "" in place of where I found this, and (reluctantly) obfuscated the address of the company who operates this incorrectly set up mail server.

To: <>
Subject: Returned Mail: Error During Delivery
Date: Wed Feb 04 15:01:39 2004
Message-Id: <>

------ Here is your List of Failed Recipients ------

Mail Server is down or unreachable.

-------- Here Is Your Returned Mail --------
Received: FROM BY ; Wed Feb 04 14:50:57 2004 -0400
Received: by (Postfix, from userid 90210)
	id 0D1A613CDA0; Wed, 27 Feb 2002 19:45:01 -0500 (EST)
Message-ID: <15485.32141.475265.252666@gargle.gargle.HOWL>
Date: Wed, 27 Feb 2002 19:45:01 -0500
From: Patrick P Murphy <>
Subject: Please change your virus gateway settings.
X-Mailer: VM 7.18 under Emacs 21.2.1

If your webshield e-mail antivirus software detects MyDoom -- which
always forges the "From:" and "Return-path:" headers -- why are you
bouncing this message to someone who did not send it?  Please stop doing
this, it just annoys mail administrators.  Thanks.
 Patrick P. Murphy, Ph.D.           Division Head, CV Computing, NRAO
 Home:    Work:
 "Laws of nature are...just parochial by-laws in our cosmic patch"
                                                    - Martin Rees

------- start of forwarded message (RFC 934 encapsulation) -------
Return-Path: <>
Received: from ( [])
	by (8.11.6/8.11.6) with SMTP id i14HLqs25817
	for <>; Wed, 4 Feb 2004 12:21:52 -0500
X-MailScanner: Found to be clean
To: <>
Subject: Virus Detected by Network Associates, Inc. Webshield SMTP V4.5 MR1a
Date: Wed Feb 04 14:25:11 2004
Message-Id: <>
X-Mailer: Network Associates, Inc. Webshield SMTP, Version 4.5 MR1a 

Se ha detectado el Virus W32/Mydoom.a@MM en el archivo adjunto enviado
desde <> y ha sido eliminado
------- end -------

Pat Murphy