On Wed, Jun 27, 2001 at 02:14:15PM -0400,
Valdis(_dot_)Kletnieks(_at_)vt(_dot_)edu wrote:
On Wed, 27 Jun 2001 18:44:41 BST, A James Lewis
<james(_at_)fsck(_dot_)co(_dot_)uk> said:
I notice also that ALL of the autoresponder messages come from "Internet
Mail Service" Microsoft software.... No surprises there then!
I used to send a canned note to people who did that, explaining that it
was poor netiquette, but gave up when I noticed that:
(a) 99% of the offenders were using that software
(b) I have *yet* to find somebody who can tell me how to configure said
software to not reply to mail that comes from owner-* or *-request addresses.
If somebody has a "choose this tab, select that, type this" cookbook, please
let me know....
I went round and round with our people about this (we have over
70 lists with over 50,000 subscribers at Internet Security Systems).
Someone was finally able to tell me that recent versions of Exchange
will not autorespond to messages with Precedence set to "bulk" but will
autorespond to messages with no Precedence setting or with a Precedence
setting of "list". They are keying on the string, not the numeric
value. All of our list messages now go out with the "Precedence: bulk"
header to eliminate that much.
Of the remainder (older versions of Outlook and Exchange), many
violate SEVERAL rules of autoresponders such as never autoresponding
to an autoresponder an responding more that once to a given address.
If you think about it, this is a DoS attack waiting to happen. Just get
a few of these and spoof messages them from each of them. :-) Fundamentally
evil and fundamentally SIMPLE. And, yes, I know of one individual who
actually got fed up with two particular others and did that to them. They
had been warned and they set up the autoresponders anyway. They came
back to over 8,000 messages and mailboxes overlimit. They blamed each other,
of course, and they were right... Just for the wrong reasons. :-)
And, no, it wasn't me that done that.
Recent versions of Outlook, Outlook Express, and Exchange avoid
both of those damaging misbehaviors as well, so it's only chumps^H^H^H^H^H^H
victims^H^H^H^H^H^H^Husers with software that is overdue for an update.
--
Valdis Kletnieks
Operating Systems Analyst
Virginia Tech
Mike
--
Michael H. Warfield | (770) 985-6132 | mhw(_at_)WittsEnd(_dot_)com
(The Mad Wizard) | (678) 463-0932 | http://www.wittsend.com/mhw/
NIC whois: MHW9 | An optimist believes we live in the best of all
PGP Key: 0xDF1DD471 | possible worlds. A pessimist is sure of it!