Date:      Fri, 17 Feb 2006 15:06:16 -0800
From:      "Ted Mittelstaedt" <tedm@toybox.placo.com>
To:        "jdow" <jdow@earthlink.net>, <freebsd-questions@freebsd.org>
Subject:   RE: sendmail autoresponder
Message-ID:  <LOBBIFDAGNMAMLGJJCKNGEGMFDAA.tedm@toybox.placo.com>
In-Reply-To: <043601c63411$3ed54350$0225a8c0@oddball>



>-----Original Message-----
>From: owner-freebsd-questions@freebsd.org
>[mailto:owner-freebsd-questions@freebsd.org]On Behalf Of jdow
>Sent: Friday, February 17, 2006 2:27 PM
>To: freebsd-questions@freebsd.org
>Subject: Re: sendmail autoresponder
>
>
>From: "Giorgos Keramidas" <keramida@ceid.upatras.gr>
>
>> On 2006-02-17 09:29, Ted Mittelstaedt <tedm@toybox.placo.com> wrote:
>>> You do NOT want to set up an autoresponder like vacation!  The
>>> FEATURE method that Giorgos explained is the correct way to do it.
>>> If you're not using sendmail and your MTA cannot issue an error in
>>> this fashion, you do not want to mess around with this.
>>>
>>> What happens with autoresponders is that spammers inadvertently
>>> trigger them.  As a result the autoresponses get sent to thousands of
>>> victims who had their names forged to the spammer's message.  Some
>>> of those victim addresses are spamtrap addresses.
>>
>> Oh, crap!  I hadn't thought of that.  Good thinking there Ted :)
>
>There is no "inadvertently" about it. If spammers find an open relay
>or an open bounce they exploit it. And you get blacklisted.

But, in this case the server isn't relaying or bouncing the spam, it is
spitting back the canned vacation or whatever message, which is probably
not what the spammer wants.  The spam is going into the hapless
vacationer's inbox.  The problem is that the blacklist servers on the
Internet can't tell the difference between real live spam in their dozen
or so spamtraps, and someone's "out of office" e-mail message in their
dozen or so spamtraps.

The situation is of course compounded when people pull shenanigans like
wildcarding every incoming message for a domain name into an
autoresponder; this used to be common when people renamed domains.

But even a normal spam run can do it.  For example sally@example.com goes
on vacation.  Spammer decides sally@example.com would be a good name to
forge on a spam.  Spammer transmits spam and thousands of bounces and
many complaints bounce back to sally@example.com.  Sally's vacation
program then spits out thousands of vacation notices to
mailer-daemon@yucketyyuck.com etc. domains, plus hundreds of vacation
notices to idiot people who were complaining to Sally because they didn't
bother looking at the header of the initial spam and seeing that it came
from some other machine than example.com.  Those people get the vacation
notice in response to their complaint to Sally to stop spamming them,
which causes some of them to forward those to spamcop, which initiates a
blacklist.

The same issue applies to those "click on my URL website to validate
your e-mail message" autoresponding things.  Those get people blacklisted
for the same reason.

Ted
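
Added example, not part of the message above and not code from vacation(1) or sendmail: a guard an autoresponder can run before replying, following the recommendations of RFC 3834 (no reply to a null or robot envelope sender, to automatic or list mail, or more than once per sender per interval). The function name, the one-week interval and all addresses and messages are assumptions constructed for illustration.

```python
# Added example: an RFC 3834-style guard run before an autoresponder replies.
# All addresses and messages below are constructed sample data.
from email import message_from_string
from email.utils import getaddresses

ROBOT_LOCALPARTS = {"mailer-daemon", "postmaster"}
REPLY_INTERVAL = 7 * 24 * 3600  # assumed policy: one notice per sender per week


def should_autorespond(raw, envelope_sender, owner, last_sent, now):
    """Return (ok, reason). last_sent maps sender -> time of last notice."""
    msg = message_from_string(raw)
    sender = envelope_sender.strip().strip("<>").lower()
    if not sender:
        return False, "null envelope sender (bounce)"
    local = sender.split("@", 1)[0]
    if local in ROBOT_LOCALPARTS or local.endswith("-request") or local.startswith("owner-"):
        return False, "robot or list address"
    if (msg.get("Auto-Submitted") or "no").strip().lower() != "no":
        return False, "automatic message"
    if (msg.get("Precedence") or "").strip().lower() in {"bulk", "junk", "list"}:
        return False, "bulk or list mail"
    if "List-Id" in msg or "List-Unsubscribe" in msg:
        return False, "mailing list"
    rcpts = {a.lower() for _, a in getaddresses(msg.get_all("To", []) + msg.get_all("Cc", []))}
    if owner.lower() not in rcpts:
        return False, "owner not named in To/Cc"
    if sender in last_sent and now - last_sent[sender] < REPLY_INTERVAL:
        return False, "sender already notified"
    last_sent[sender] = now
    return True, "reply to envelope sender"


BOUNCE = ("From: Mail Delivery Subsystem <MAILER-DAEMON@mx.example.net>\n"
          "To: sally@example.com\nAuto-Submitted: auto-replied\n"
          "Subject: Returned mail\n\nUser unknown\n")
COMPLAINT = ("From: Pat <pat@example.org>\nTo: sally@example.com\n"
             "Subject: stop spamming me\n\nPlease stop.\n")

if __name__ == "__main__":
    seen = {}
    for raw, env in [(BOUNCE, "<>"), (BOUNCE, "MAILER-DAEMON@mx.example.net"),
                     (COMPLAINT, "pat@example.org"), (COMPLAINT, "pat@example.org")]:
        print(env or "<>", should_autorespond(raw, env, "sally@example.com", seen, 1000))
```

A message with a forged but ordinary-looking envelope sender still passes these checks once per interval, so the guard limits the volume of misdirected notices rather than eliminating them.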



