on Tue, May 04, 2004 at 05:56:23PM +0200, Florian Ernst (florian@uni-hd.de) wrote:
> Hello!
>
> On Tue, May 04, 2004 at 03:12:07PM +0200, Hans du Plooy wrote:
> > Is this spam or is someone actually posting in whatever this language
> > is? I see this sort of mail often, sometimes it's obviously spam
> > considering the URLs, but this one doesn't have any
>
> It is Japanese.

<...>

> (More or less literal translation)
>
> Yes, it is time for another rant against stupid auto-replies like this
> one.

Anyone's welcome to the following. Also included in the amazing, the
astounding, the phenomenal rant-o-matic! A/k/a the vfam!

    http://linuxmafia.com/~karsten/Download/rant-o-matic.tar.gz

Clip and save. Rights to use, copy, modify, distribute, freely, with
attribution.

------------------------------------------------------------------------

Turn off your viral autoresponder, if you are using one.

Ensure that your mail server is generating 5XX *REJECT* messages, *NOT*
sending a notification to the 'From:' or Envelope From sender, as these
are SPOOFED.

If you *cannot* make an SMTP-time assessment of deliverability of a
message, filter content for obvious viral and spam signatures, and do
not generate nondelivery notices for such messages, as they frequently
spoof sender.

Not taking these precautions makes you a vector for a DDoS Joe-job
attack:

    The Joe Job DoS attack
    By John Leyden
    Published Tuesday 6th April 2004 17:30 GMT
    http://www.theregister.co.uk/2004/04/06/joejoe_dos_attack/

        A problem with the way that non-delivery notifications are sent
        by many mail servers could be exploited to launch "mail bomb"
        denial of service attacks.

        Incorrectly configured mail servers may respond to mail delivery
        failure with as many non-delivery reports as there are
        undeliverable cc: and bcc: addresses contained in the original
        email. By forging the source of an email, hackers could bombard
        systems with spurious emails.

    MyDoom is the worst virus ever
    By John Leyden
    Published Wednesday 28th January 2004 13:11 GMT
    http://www.theregister.co.uk/content/56/35174.html

        Just like SoBig-F, much of the huge volume of crap generated by
        MyDoom is the result of auto-responder messages. As well as
        replies that someone is out of the office users are getting a
        stream of accusatory messages from anti-virus gateway products
        accusing them of sending a virus.

    Auto-responders magnify Sobig problem
    By John Leyden
    Published Wednesday 20th August 2003 17:30 GMT
    http://www.theregister.co.uk/content/archive/32434.html

        Graham Cluley, senior technology consultant for Sophos
        Anti-Virus, said that the current generation of anti-virus
        gateway products are incapable of determining the email address
        in a virus contaminated email are spoofed.

        "In the circumstances, it might be better for people to turn off
        their auto-responder," Cluley advised, adding the auto responder
        messages could be taken of an accusation that someone wholly
        innocent was sending out viruses.

Also:

    http://www.businessweek.com/magazine/content/04_12/b3875032.htm
    http://www.attrition.org/security/rant/av-spammers.html

My own systems are not susceptible to legacy MS Windows viruses (I run
GNU/Linux exclusively). For sites unfortunate enough to rely on
Microsoft products, such false reports waste staff and administrative
time on wild-goose chases.

Your email system is generating "bounce" messages to spoofed "from"
addresses. These are widely considered spam on the UBE basis:

  - Unsolicited? Check
  - Bulk? Check
  - Email? Check

The sending address has been added to the local spamlist; any further
mail from that address will be treated and reported as spam.

Multiple such reports *will* result in your site being listed on
spam-origin lists, including SPEWS, SpamCop, Spamhaus, and others.

Further similar messages from your domain will be reported as spam.

Any prior and subsequent mail can and will be forwarded to public
services not limited to NANAE (news:news.admin.net-abuse.email) at my
sole discretion. All "confidentiality" email disclaimers are
specifically rejected.

Thank you.

------------------------------------------------------------------------

Peace.

-- 
Karsten M. Self <kmself@ix.netcom.com>        http://kmself.home.netcom.com/
 What Part of "Gestalt" don't you understand?
    And can you imagine fifty people a day? I said FIFTY people a day...
    walkin' in, singin' a bar of "Alice's Restaurant" and walkin' out?
    Friends, they may think it's a MOVEMENT!
    - A. Guthrie
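Added example, not part of the original post: a small Python model of the two precautions the message asks for (a 5XX reject at SMTP time, and suppressing non-delivery notices when the sender is likely spoofed), counting how many notices a forged sender would receive under each policy. The mailbox list, addresses, policy names and message are constructed for illustration; the null reverse-path and Auto-Submitted checks are standard loop-prevention rules added here as assumptions beyond what the post lists.

```python
from email import message_from_string

# Constructed sample data (assumption): the mailboxes this server hosts.
LOCAL_USERS = {"alice@example.org", "bob@example.org"}

def rcpt_reply(rcpt):
    """SMTP-time answer to one RCPT TO: unknown users get a 5XX reject."""
    if rcpt.lower() in LOCAL_USERS:
        return 250, "2.1.5 Ok"
    return 550, "5.1.1 User unknown"

def may_send_dsn(envelope_from, raw_message, flagged):
    """Post-acceptance check: may a non-delivery notice be generated at all?"""
    if flagged:                          # viral/spam signature: sender is likely spoofed
        return False
    if envelope_from in ("", "<>"):      # null reverse-path: never bounce a bounce
        return False
    msg = message_from_string(raw_message)
    if msg.get("Auto-Submitted", "no").strip().lower() != "no":   # RFC 3834
        return False
    if msg.get("Precedence", "").strip().lower() in ("bulk", "junk", "list"):
        return False
    return True

def notices_sent(policy, envelope_from, rcpts, raw_message, flagged):
    """Count notices this server itself mails to envelope_from.

    policy: "naive"    accept everything, bounce per bad recipient
            "filtered" accept everything, bounce only if may_send_dsn()
            "reject"   refuse bad recipients in-session with 550
    """
    bad = [r for r in rcpts if rcpt_reply(r)[0] != 250]
    if policy == "reject":
        return 0        # the refusal is an SMTP reply to the connecting client
    if policy == "filtered" and not may_send_dsn(envelope_from, raw_message, flagged):
        return 0
    return len(bad)

# Constructed message with a forged sender and three nonexistent recipients.
FORGED_FROM = "victim@example.net"
RCPTS = ["alice@example.org", "nobody1@example.org",
         "nobody2@example.org", "nobody3@example.org"]
RAW = "From: victim@example.net\nSubject: hello\n\nbody\n"

if __name__ == "__main__":
    for policy in ("naive", "filtered", "reject"):
        for flagged in (True, False):
            n = notices_sent(policy, FORGED_FROM, RCPTS, RAW, flagged)
            print(f"{policy:8} flagged={flagged!s:5} notices to victim: {n}")
```

In this model the "filtered" policy still mails three notices to the forged sender whenever the scanner misses the message, while the "reject" policy mails none in either case.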