First, breath and take a moment and smile (at least if you're an American):
follow the link on this page I found while looking for IRS info (it is
worth the trip - it is a "Bureau Cam"):
http://206.29.114.211/randy/
Keep this in mind when reading the rest.
At 02:12 PM 9/23/97 -0500, James L. McGill wrote thusly:
The address itself IS very real. So is the individual who was quoted.
The malaprops was very real to us as well.
Malapropos? I don't follow - how is forwarding a message reguarding the
possible misuse of software this group uses, and often for the very purpose
of combating spam, inappropriate?
This situation was further exasperated recently where a programming glitch
^^^^^^^^^^^
Doesn't he mean exacerbated? That particular government agency is
The definition of exasperated includes "to increase the gravity or
intensity of." Seems to have conveyed the meaning well enough. Geez.
If you weren't ALREADY or considering forwarding mail to the address in
question, then the message - real, hoax, unattributed or not shouldn't have
mattered one bit. If on the other hand, you were forwarding mail, or
considering it, then Mr. Groleau's forwarded quote acted as a simple "heads
up" to look for further information before flooding the IRS - and possibly
ending up raising the ire of an organization I'm sure most people would
agree that you don't really want to piss off.
you realize just how little footwork is required to confirm it before
shooting off at the mouth?
At a minimum, headers from the message are required to take
even the first step. As with any report concerning email of
any kind. As you are well aware.
In the end, those headers are only definitive if you're the system
administrator at the originating site or the site which it initially
delivered the message to. Unless you have access to the logs on one of
those two systems, the headers are as much hearsay as an unattributed
message. True, useful for getting pointed the right direction, but no more
a confirmation of authenticity than an n'th generation photocopy of some
letter.
But this is the case of a message claimed to be an AUTORESPONSE from a
GOVERNMENT computer. The name of the author was given, not to mention the
government agency he works for. If you were to pick up a telephone,
exactly what two pieces of information do you think you'd need to look up
someone working for the federal government? I'd think that Agency and Name
would do nicely.
I didn't need any message headers to track down the author:
Inspector Andrew Fried
Internal Revenue Service
afried(_at_)nocs(_dot_)insp(_dot_)irs(_dot_)gov
V: (202) 622-3535
F: (202) 622-8681
(And the voice number is correct - it is the same number given to me in my
discussion with someone else at the IRS reguarding this very matter).
The text of his original post on the topic (where he invites people
receiving *MMF* info to forward it to the IRS) can be found, with
attribution (although from a personal email account) at:
http://www-lmmb.ncifcrf.gov/~toms/mmf.html
(note that this is a .GOV site, just in case you want to question the
verity of the source doing the quoting).
news.admin.net-abuse.email where it comes up periodically.
It came up today in the form of regurgitation, in a grammatically
weak message allegedly attributed to the IRS, without enough
information to enable a confirmation.
You should get used to not having ALL the details quoted to you then - that
simply isn't the way of the net. While it is much easier to digest
something if all the pieces are presented to you on a platter, it isn't
difficult to find a few pieces on your own with just a bit of work. If
you're concerned with the details or verification, you can perform it, and
then share the results with the others here, or wherever it is appropriate.
But I guess you should prepare to defend yourself from people who may think
you're spreading a hoax. Take a step back and look at the situation.
It smells like hoax to us, and so far, you are the one spreading it.
Please speak for yourself. "Smells like a hoax to you."
I was not speaking for you. I was speaking for myself and my
coworkers with whom I shared the rumor.
Uhm, if you felt it was a hoax, why share it around the office? Did you
need the olfactory assistance of others to come to this conclusion?
"Whoa, this stinks! Hey Fred, come here and smell this and tell me what
you think..." :)
You were quick to flame me.
The post, as well as this one, is not a flame. My description of a flame
is an out of control or unreasonable argument or attack. A disagreement
isn't a flame. Honest. Besides, if we'd exchanged flames, you'd be in my
twitfile by now.
And I wasn't as quick as you to reply to the incident - after all, I was
replying to YOUR reply to Mr. Groleau ...
I only said it had elements of a hoax. No attribution,
a very high authority cited as the originator (THE IRS for crying out
Reguardless, attribution WAS given -- had you failed to note the name at
the bottom of the quoted message? Must attribution only be in the form of
an email address now?
Simple fact is, there was a full name and a government agency identified.
Using the two of these (or even just the name in this case), we can
actually look the AUTHOR up and give 'im a jingle on the tele'. Or you can
search usenet/web for him, which would also have netted you a telephone
number (this isn't how I located him - as I said, he was given as a
reference by the root administrator of irs.gov / treas.gov which I'd
attempted to get in touch with a couple of weeks ago -- the G-men aren't
particularily good about returning phonecalls, unless perhaps you owe them
money).
loud), a sensitive subject to the audience (which is rather accustomed
to such hoaxes!), and poor grammar to boot. What was I supposed to
If proper grammar were required of everybody communicating, well, there
wouldn't be a whole lot of communication (geez, I'd be banned from the net
- as would most of the people here). Messages which are hastily put into
circulation to curb a (possibly overwhelming) technical problem tend not to
go through much of a proofreading before being sent.
Enough material goes through days of proofing and still gets sent out with
glaring technical errors (I've witnessed it -- but fortunately, I'm not a
proofer - aren't we all lucky!?). Doesn't matter if it is the government,
a software company, or an individual acting on their own. Judge not the
author by their grammar, lest you be judged the same way.
You should see the doozies management sends around after layoffs. Talk
about messages needing proofing.
think? I am skeptical. Made so from years of experience.
Skeptical is one thing. However, your "you are the one spreading it"
comment doesn't come off as merely being skeptical and asking for source
confirmation - it comes off as being accusatorial of the quoting author as
trying to develop or spread a hoax. From what I've read here so far, I'm
not the only one to pick up that same vibe. This is _exacerbated_ by the
fact that you posted a SECOND followup to specifically restate your belief
that it was a hoax -- your first message was good enough, and not directed
at the person who shared the news with this group (which is what I've taken
offence to -- that could have easily been me being accused).
Hey, it isn't as if I haven't said things that have been misconstrued on
occasion, or flown off at someone without backtracking for some research
first.
Now, more topically, a short while ago, I received a reply to one of my
emails to Inspector Fried. He indicates he has some meetings tomorrow, and
should be able to discuss the matter further on Thursday. I don't have
permissions from him at this time to quote his message in this forum, so I
won't do that. I will point out that he indicated that he's a computer
security specialist - not a PR person.
Perhaps I can convince him to post his plea directly to this list (the only
time in recent memory I can think of that the fact this list doesn't
require you to be subscribed might pay off), then those who wish to
question the authenticity of the message can check the archived source
message from the list server.
'Till then, hopefully those who are currently mass-forwarding all their
spam to the net-abuse(_at_)nocs(_dot_)insp(_dot_)irs(_dot_)gov address will
discontinue doing so
at least until the're satisfied that the request is in fact legitimate.
---
Please DO NOT carbon me on list replies. I'll get my copy from the list.
Sean B. Straw / Professional Software Engineering
Post Box 2395 / San Rafael, CA 94912-2395