Re: OT: Subscribed addresses with auto-reply anti-spam systems

[Hal Vaughan <hal@thresholddigital.com>]

On Tuesday 03 January 2006 01:40 am, a.list.address@gmail.com wrote:
> (This has probably already been thought of and discussed.  I'm not
> even saying this is the case here, just some thoughts.)
>
> Could this be a new form of mild denial-of-service attack?  Imagine,
> someone who has a grudge against a mailing list finds some addresses
> that have anti-spam autoresponders like this one.  Then they set up
> some dummy addresses that do nothing but forward list posts to the
> autoresponding addresses.  Then anyone who posts to the list gets
> bogged down with autoresponders, and it's practically impossible for
> the listmasters to figure out which addresses are causing it.

I think it is more likely some idiot subscribed, was too frustrated or idiotic 
to unsubscribe, left it set up, and got removed, then wanted more info, and 
had a friend automatically forward all the e-mails to him, not realizing his 
idiocy was still causing problems.

I am slow to attribute to malice what can be explained by stupidity.

> Maybe the only way to track down the bad addresses is to examine
> subscription history and cross-reference that with the times that the
> autoresponses were first seen.

I would think it would work better to write a script that automatically cross 
references the DU and DD lists (since this jerk seems to be on both), and 
generate a one time email (like, "PLease confirm you are subscribed to this 
list!"), with each e-mail having a different ID number in it (or the ID in 
the subject).  Then when the e-mail gets bounced back or whatever, it would 
be a snap to match it with the person forwarding it.

But I'm sure there are those who are much wiser and much better hackers than I 
working on this one.

Hal