Out of Office AutoReply = Security Risk to Your Company.
David J Dachtera
djesys at comcast.net
Wed May 18 00:38:19 GMT 2005
I sincerely doubt that anyone could convince a corporate entity to disable
any feature of their beloved LookOut! - not the Out of Office wizard, not
the prevue pane (portal for many mail-borne viruses/worms/trojans), not
HTML e-mail (malicious payload enabler), ...
D.J.D.
At 08:04 AM 05/17/2005 -0400, John E. Malmberg wrote:
>Folks,
>
>Convicted criminals have stated that they use these messages on phones
>and probably now e-mail to steal from companies. They have stated that
>the easiest way to steal from a company is to impersonate the identity
>of someone known to be out of the office.
>
>Some of these criminals have made the headlines of the traditional press
>with these exploits because the thefts have been with very high amounts.
>
>IIRC: On U.S. TV, a demonstration was done where the tester was able to
>get the dialup phone numbers and a senior (VP level) employee's login
>account and password reset, all the while that the employee was trying
>to demonstrate that their system was secure from skilled hackers on that
>same TV show.
>
>Secret prototypes have been stolen, along with confidential documents.
>And the dollar amount has been in the high thousands, if not in the
>million dollar range from just one of these criminals.
>
>I strongly recommend just turning off the out-of-office feature completely.
>
>In addition to the security problems, these messages will auto-respond
>to forged addresses in spam and viruses, and this turns your mail server
>into a participant in a denial of service attack on the rest of the
>Internet.
>
>Most corporate mail systems allow mail to be temporarily read by a
>secondary trusted user. Use that method instead.
>
>If you have any influence with the security policy of your company, get
>these auto-responders banned, and the same for having any phone messages
>that indicate how long your identity can be spoofed with no one at your
>company being able to easily reach you.
>
>Essentially these messages are now the same as not stopping your news
>and mail delivery while on vacation.
>
>And mailing list traffic is clearly marked so in the headers, so any
>auto-responder that responds to them is not compliant with RFC standards.
>
>In addition to the messages to this list, I got two messages from broken
>auto-responders from my last post.
>
>-John
>wb8tyw at qsl.network
>Personal Opinion Only
>
>PLEASE READ THIS IMPORTANT ETIQUETTE MESSAGE BEFORE POSTING:
>
>http://www.catb.org/~esr/faqs/smart-questions.html
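The header rule John describes above (list traffic is marked as such in its headers, and a responder must not answer bounces, forged spam or other automated mail) as an added example that is not part of the original thread: a Python pre-check an out-of-office responder could run before sending anything. The mailbox owner, the header set and the sample messages are constructed for illustration, not taken from any real system.

```python
import email
from email import policy

# Markers of bulk or automated traffic (RFC 3834 and common list-manager
# practice). An auto-responder must stay silent when any of them is present.
BULK_PRECEDENCE = {"list", "bulk", "junk"}
LIST_HEADERS = ("List-Id", "List-Post", "List-Unsubscribe", "Mailing-List")


def should_autoreply(raw: str, owner: str) -> tuple[bool, str]:
    """Decide whether an out-of-office reply to `raw` may be sent for mailbox
    `owner`. Returns (True, "ok") or (False, reason). Every check errs toward
    silence so the responder never answers bounces, forged spam or lists."""
    msg = email.message_from_string(raw, policy=policy.default)
    # Null reverse-path (<>) marks bounces and notifications: never reply.
    if (msg.get("Return-Path") or "").strip() in ("", "<>"):
        return False, "null-return-path"

    # RFC 3834: any value other than "no" means the message was itself
    # generated automatically; replying would start a mail loop.
    auto = (msg.get("Auto-Submitted") or "no").split(";")[0].strip().lower()
    if auto != "no":
        return False, f"auto-submitted:{auto}"

    prec = (msg.get("Precedence") or "").strip().lower()
    if prec in BULK_PRECEDENCE:
        return False, f"precedence:{prec}"

    for h in LIST_HEADERS:
        if msg.get(h) is not None:
            return False, f"list-header:{h}"

    # Only reply when the owner is named in To/Cc, not reached through a
    # list expansion or Bcc; this also drops most bulk spam.
    rcpts = []
    for h in ("To", "Cc"):
        if (hdr := msg.get(h)) is not None:
            rcpts.extend(a.addr_spec.lower() for a in hdr.addresses)
    if owner.lower() not in rcpts:
        return False, "owner-not-addressed"
    return True, "ok"


# Constructed sample messages (not real traffic).
LIST_MSG = ("Return-Path: <list-bounces@example.org>\nFrom: a@example.org\n"
            "To: samba-vms@example.org\nPrecedence: list\n"
            "List-Id: <samba-vms.example.org>\n\nbody\n")
BOUNCE_MSG = ("Return-Path: <>\nFrom: MAILER-DAEMON@example.net\n"
              "To: alice@example.com\nAuto-Submitted: auto-replied\n\nbody\n")
DIRECT_MSG = ("Return-Path: <bob@example.net>\nFrom: Bob <bob@example.net>\n"
              "To: Alice <alice@example.com>\n\nbody\n")
```

Run `should_autoreply(LIST_MSG, "alice@example.com")` to see the list message refused on its Precedence header and `DIRECT_MSG` accepted; the reason string is meant for the responder's log so refused replies can be audited.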
More information about the samba-vms mailing list