On Friday, Jul 11, 2003, at 23:15 Europe/Berlin, Daniel Liston wrote:
Hi,
> susan barnes wrote:
>> Well, we did track the person down who started the loop and she was
>> somewhat technically challenged, not doing it on purpose.
>
> Ignorance is no excuse, as until they become educated, they are
> likely doing the same stupid things to many others, not just you.
I think I have given up on the becoming educated thing, I work for an
university :-).
>> (Given that we sent a few thousand emails to their info@ address on
>> two separate occasions and nobody contacted us to find out what is
>> going on, I would guess the above applies to the whole
>> company/domain.)
>
> The info@ address is only an RFC suggestion, not a requirement.
They use it, they list it as support-address and the culprit told me
she had to delete those mails from the inbox. Besides, even if those
mails went to /dev/null it should be noticed by someone.
> So the other side of the request had an auto-responder "while" the
> address was being used interactively? No problem, until they
> interact with automated processes. Then they become danerous.
Exactly, and while I did bitch about their autoresponder, majordomo is
guilty of the same behaviour.
I was hoping, that somebody had an out of the box solution. It never
hurts to ask.
> What is the "other side" running as an autoresponder? Does the
> autoresponder generate a new message, or include headers and body
> of the message being responded to?
I do not dare to ask, I have told them to pass my advice on to whoever
does their technical stuff.
>> However our majordomo does more or less the same thing, when triggerd
>> this way. So a third party could deliberatly cause a DOS-Attack on
>> two systems with one simple email.
>> I am sure there are other people, who run autoresponders like this.
>
> Majordomo has "some" safety built-in against these kind of mail loops
> but with new software (some from programmers without a clue), it is
> up to us to keep updating our protection and configurations.
I will think about it. I just wanted to say it is not that pressing,
but as I am writing somebody has just started to build the same kind of
mailloop with another autoresponder.
> No vacation, auto-reply, or intelligent autoresponder is supposed to
> reply to a message with "Precedence: bulk" or "Precedence: junk" in
> the headers.
That is a good point, I will keep that in mind.
but:
mail from:s.barnes@uni-koeln.de
250 2.1.0 s.barnes@uni-koeln.de... Sender ok
rcpt to:majordomo@uni-koeln.de
250 2.1.5 majordomo@uni-koeln.de... Recipient ok
data
354 Enter mail, end with "." on a line by itself
from:s.barnes@uni-koeln.de
to:majordomo@uni-koeln.de
subject:test
precedence:bulk
lists
.
majordomo answers, can anyone confirm this?
>> This has been suggested, but taboo-headers do only work if the mails
>> go via resend to an actual mailinglist, or am I wrong?
>
> I have to dig into the majordomo and majordomo.pl scripts to see if
> this is true. I always "assumed" that GLOBAL taboo expressions in
> the majordomo.cf file would work for mail coming to majordomo as well.
> Otherwise you are correct in regards to individual listname.config
> files use of the taboo_* settings depending on resend.
I have tried it, and it did only work on real mailinglists, not on mail
going directly to majordomo.
> The above should help, but as long as majordomo is willing by design
> to reply to "almost" anyone, the potential will always exist for a
> loop.
Yes, but there must be ways to make this less dangerous, I have
recently seen quite a few, "too many mails come back later messages" in
our maillog. Maybe it is something that should be done by the MTA
itself.
> I hope my comments and suggestions shine some light on the situation,
Yes, thank you for takeing the time.
Susan Barnes
Susan Barnes <S.Barnes@rrz.uni-koeln.de>
Zentrum fuer Angewandte Informatik - Universitaetsweiter Service RRZK
Universitaet zu Koeln / Cologne University - Tel:0221-478-5594
References:
|
|
