AV/Spam Alert response messages
From: Russ (Russ.Cooper_at_RC.ON.CA)
Date: 08/21/03
- Previous message: SecureNet Service(SNS) Spiffy Reviews: "[SNS Advisory No.68] Internet Explorer Object Type Buffer Overflow in Double-Byte Character Set Environment"
- Next in thread: Alun Jones: "Re: AV/Spam Alert response messages"
- Reply: Alun Jones: "Re: AV/Spam Alert response messages"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 21 Aug 2003 11:32:43 -0400 To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
Folks,
In this day and age where most virus infected emails are coming from spoofed email addresses, do you really think its prudent to have your AV gateways configured to automatically send notices? Marc Maifrett's email generated over 100 automatic responses to the list address, most copied to Marc's address also, and no doubt many more simply returned a warning to Marc's address only.
SoBig.F has generated an enormous volume of email traffic destined for addresses which had nothing to do with the email which caused the response. I've received more than 2,000 messages saying my email to such and such an address contained a virus...needless to say I didn't send any of them.
This is also true of spam messages. Many anti-spam programs automatically generate messages back to addressees it thinks are involved in the spam, either challenging the individual to show themselves to be a real person, or simply advising the message was deemed as spam and rejected. In either case, the responses rarely go to anyone who cares.
My point is that if we continue in this trend we are going to get to a point where email, probably the most valuable aspect of the Internet, becomes near useless with incorrect responses automatically generated by tools intended to make reading email less of a hassle.
Consider disabling these automatic responses. Consider the actual value they represent to you. If you happen to be one of the email domains used by SoBig.F, you must consider the volume of traffic you've received unnecessarily by these responses.
FYI, in addition to the 2,000+ responses I've received, I've received more than 8,000 copies of SoBig.F itself (just to two addresses.) I guess I should be flattered that so many people have either my or NTBugtraq's address on their disks...;-[
Cheers,
Russ - NTBugtraq Editor
oooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo
Whatever Happened to Octopus?
LEGATO RepliStor, formerly known as Octopus, delivers breakthrough
replication performance that's 5X faster than the competition in an
independent head-to-head test. Learn how RepliStor uses patented,
asynchronous, real-time replication, to deliver disaster recovery, data
distribution and consolidated backups. It is the first replication solution
to achieve Windows 2003 certification. Get the performance report now.
http://portal1.legato.com/products/replistor/upgrade.cfm
oooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo
- Previous message: SecureNet Service(SNS) Spiffy Reviews: "[SNS Advisory No.68] Internet Explorer Object Type Buffer Overflow in Double-Byte Character Set Environment"
- Next in thread: Alun Jones: "Re: AV/Spam Alert response messages"
- Reply: Alun Jones: "Re: AV/Spam Alert response messages"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
