Products and Tools
Symantec Spoofing
3 Sep 2003
Symantec obviously knows that the SoBig email worm uses spoofing to make it look like the virus was sent from someone other than the actual sender. So why does their server-based antivirus tool insist on replying to the sender that their system is sending SoBig emails?
I’m getting several messages a day from mail servers protected by Symantec and others notifying me that I’ve been sending SoBig attachments. I’m not the one that’s infected. It’s a minor irritation to me because I understand what’s going on. But what about people who don’t know? They’re getting alerts from anti-virus companies, but they probably don’t know that it’s a false alarm. I can imagine the average email user being panicked that their system is infected.