Great Circle Associates Majordomo-Users
(July 2003)
 

Indexed By Date: [Previous] [Next] Indexed By Thread: [Previous] [Next]

Subject: Re: Avoiding mailloops
From: "s. barnes" <s . barnes @ uni-koeln . de>
Date: Sat, 12 Jul 2003 01:35:47 +0200
To: Daniel Liston <dliston @ sonny . org>
Cc: majordomo-users @ greatcircle . com
In-reply-to: <3F0F28D8.2060008@sonny.org>



On Friday, Jul 11, 2003, at 23:15 Europe/Berlin, Daniel Liston wrote:

Hi,

> susan barnes wrote:
>> Well, we did track the person down who started the loop and she was 
>> somewhat technically challenged, not doing it on purpose.
>
> Ignorance is no excuse, as until they become educated, they are
> likely doing the same stupid things to many others, not just you.
I think I have given up on the becoming educated thing, I work for an 
university :-).

>> (Given that we sent a few thousand emails to their info@ address on 
>> two separate occasions and nobody contacted us to find out what is 
>> going on, I would guess the above applies to the whole 
>> company/domain.)
>
> The info@ address is only an RFC suggestion, not a requirement.
They use it, they list it as support-address and the culprit told me 
she had to delete those mails from the inbox. Besides, even if those 
mails went to /dev/null it should be noticed by someone.

> So the other side of the request had an auto-responder "while" the
> address was being used interactively?  No problem, until they
> interact with automated processes.  Then they become danerous.
Exactly, and while I did bitch about their autoresponder, majordomo is 
guilty of the same behaviour.
I was hoping, that somebody had an out of the box solution. It never 
hurts to ask.

> What is the "other side" running as an autoresponder?  Does the
> autoresponder generate a new message, or include headers and body
> of the message being responded to?
I do not dare to ask, I have told them to pass my advice on to whoever 
does their technical stuff.

>> However our majordomo does more or less the same thing, when triggerd 
>> this way. So a third party could deliberatly cause a DOS-Attack on 
>> two systems with one simple email.
>> I am sure there are other people, who run autoresponders like this.
>
> Majordomo has "some" safety built-in against these kind of mail loops
> but with new software (some from programmers without a clue), it is
> up to us to keep updating our protection and configurations.
I will think about it. I just wanted to say it is not that pressing, 
but as I am writing somebody has just started to build the same kind of 
mailloop with another autoresponder.

> No vacation, auto-reply, or intelligent autoresponder is supposed to
> reply to a message with "Precedence: bulk" or "Precedence: junk" in
> the headers.

That is a good point, I will keep that in mind.

but:
mail from:s.barnes@uni-koeln.de
250 2.1.0 s.barnes@uni-koeln.de... Sender ok
rcpt to:majordomo@uni-koeln.de
250 2.1.5 majordomo@uni-koeln.de... Recipient ok
data
354 Enter mail, end with "." on a line by itself
from:s.barnes@uni-koeln.de
to:majordomo@uni-koeln.de
subject:test
precedence:bulk

lists
.

majordomo answers, can anyone confirm this?

>> This has been suggested, but taboo-headers do only work if the mails 
>> go via resend to an actual mailinglist, or am I wrong?
>
> I have to dig into the majordomo and majordomo.pl scripts to see if
> this is true.  I always "assumed" that GLOBAL taboo expressions in
> the majordomo.cf file would work for mail coming to majordomo as well.
> Otherwise you are correct in regards to individual listname.config
> files use of the taboo_* settings depending on resend.
I have tried it, and it did only work on real mailinglists, not on mail 
going directly to majordomo.

> The above should help, but as long as majordomo is willing by design
> to reply to "almost" anyone, the potential will always exist for a 
> loop.
Yes, but there must be ways to make this less dangerous, I have 
recently seen quite a few, "too many mails come back later messages" in 
our maillog. Maybe it is something that should be done by the MTA 
itself.

> I hope my comments and suggestions shine some light on the situation,
Yes, thank you for takeing the time.

Susan Barnes

Susan Barnes  <S.Barnes@rrz.uni-koeln.de>
Zentrum fuer Angewandte Informatik - Universitaetsweiter Service RRZK
Universitaet zu Koeln / Cologne University        - Tel:0221-478-5594



References:
Indexed By Date Previous: Re: Exim/Majordomo
From: Daniel Liston <dliston@sonny.org>
Next: Changing List Config Files.
From: Lee <lee_19712003@yahoo.com>
Indexed By Thread Previous: Re: Avoiding mailloops
From: Daniel Liston <dliston@sonny.org>
Next: Re: Avoiding mailloops
From: Kirk Bailey <idiot1@netzero.net>

Google
 
Search Internet Search www.greatcircle.com