Misconfigured auto-responders.

[John E. Malmberg]

Abuse reports have been filed with the Taiwan ISP that is sending the 
bogus virus alerts spoofing the SAMBA.ORG domain as a sender.

They are also being filed with the domain that is issuing challenges to 
the mailing list.

Eventually the spamfilter will learn to identify them and issue SMTP 
rejects back to the sender.


In my last post, I got two out of office responders.

An out of office responder for e-mail or voicemail is the on-line 
equivalent to a pile of newspapers on your front door.

They should not be ever be sent to unknown recipients.

In television interviews, convicted criminals have testified that they 
have used them to get information to steal from companies.

These thefts have included getting company secrets or physical property 
mailed to them, including one of a kind prototypes, or convincing the 
company that the person out of the office authorized the payment for 
something.

Please do not send me e-mail asking if it was your auto-responder, just 
check your settings, and make sure that it can not deliver out side of 
your company or to a select list of people.

Most corporate e-mail systems allow assigning a secondary user to 
monitor the business e-mail while you are on vacation.


Also many anti-spam lists are spamtrap driven, and viruses / spam are 
sending using the e-mail addresses of spamtraps.  An out of office 
message sent to one of them can cause your mail server to be listed in a 
spam blocking list.

A spamtrap is an e-mail address that is hidden on a web site, but never 
used to send a real e-mail, so it should never receive any.

-John
wb8tyw at qsl.net
Personal Opinion Only