Auto-Responders Should be Illegal
Page 1 of 3 123 LastLast
Results 1 to 10 of 21

Thread: Auto-Responders Should be Illegal

  1. #1
    AO Security for Non-Geeks tonybradley's Avatar
    Join Date
    Aug 2002
    Posts
    830

    Auto-Responders Should be Illegal

    A few years back it made sense. If your email gateway scanned incoming messages and determined one to have a virus it seemed like it was the courteous thing to do to just quickly send a reply to the Sender and let them know that the message was infected and what it was infected with. Why not?

    But, such auto-responding to infected emails at this point should be illegal. Companies and entities that still auto-repond to virus infected messages should be fined for the bandwidth they are wasting and for contributing to the problem rather than helping it.

    All network and security administrators should know by now that MOST new viruses contain the ability to spoof the From or Sender of the email message and that there is virtually NO chance of the auto-response getting to the actual virus originator.

    This latest Sobig virus has had double or triple the impact it should have because misguided administrators haven't turned off auto-responders. Until or unless they can find another way to respond- looking at the packet headers for some other information besides the Sender or From information which is so easily forged.

    It is a little exasparating and soemone should mandate that auto-responders are simply not allowed anymore or something.

  2. #2
    Senior Member
    Join Date
    Jan 2003
    Posts
    1,499
    Yep,

    The number of users here who phoned and said "I have a virus alert for this e-mail that I ddn't even send"

  3. #3
    Senior Member
    Join Date
    Mar 2003
    Location
    central il
    Posts
    1,779
    A lot of the auto responding is comeing form email antivirus solutions. Those should know which virus spoofs headers in the sig for the virus, I think this one lands on the AV companies for haveing stupid autoresponders...common guys put some brains in them.
    Who is more trustworthy then all of the gurus or Buddha’s?

  4. #4
    AO French Antique News Whore
    Join Date
    Aug 2001
    Posts
    2,126
    Totally Agree!!
    -Simon \"SDK\"

  5. #5
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Posts
    5,197
    Tony: Thanks for the reminder.......

    My domains typically receive 10-20 infected mails per day so it hasn't been a big deal..... Last night alone I received over 300.......

    The autoresponder to the sender is being switched off right now.

    Thanks again.
    Don\'t SYN us.... We\'ll SYN you.....
    \"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides

  6. #6
    Senior Member
    Join Date
    Mar 2002
    Posts
    442
    People are stupid.
    A group of people is a group of idiots.

    How can we prevent this from happening?
    Teach home end users *nix.
    Teach home end users that updates are there for a reason.
    Teach home end users common sense.

    Okay, maybe the last thought to teach common sense is too much to ask for, but would it be that hard for people to just stop being completely ignorant? Computer common sense is not too much to ask for. If you know absolutely nothing about computers, than learn before you use them. You don't go buy an ak-47 and start hunting sea gulls with it without first learning how to hunt, what to hunt, where to hunt, and that you are using too big of a gun to legally do anything.

    It's not even funny any more when you hear things such as the DMV was taken down by a worm that exploits a hole patched over a month ago. If people are that ignorant of computers, than stay off of them until you learn; and don't administerate them either. I really wonder who is the ******* admin, and what his excuse is in MaryLand, that he hasn't updated any of the computers in over a month, didn't have a firewall up, at least a good one, and was still using windows boxes for an important government service.

  7. #7
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Posts
    5,197
    Entropy: Gimme a break with your "*nix is better than Windows" flame.....

    NEWSFLASH: The OS is only as good as the Admin...... Period!!!!!!!!

    I just received this from a sysadmin that we provide Internet Access, email, web hosting and Security for:-

    I just wanted to say thanks for whatever you have done to protect us from the email viruses. I have people paying me to come to their homes and clean their machines, between the worm and the email viruses – it is truly crazy !!

    I have many IT friends who are doing major disaster recovery on their networks with some users getting hit over 1000 times a day.

    I know you have a ‘thankless’ job – so I just wanted to say “THANKS”!

    Penny
    This is a 650 user, Windows only network that has remained untouched by "evil hands" for the seven years it has been publicly available and has had only three minor virus outbreaks in 10 years usually caused by no patch/sig being available by the time we received it........ That's a very acceptable record with all those dumb users..........
    Don\'t SYN us.... We\'ll SYN you.....
    \"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides

  8. #8
    AO Security for Non-Geeks tonybradley's Avatar
    Join Date
    Aug 2002
    Posts
    830
    Frankly- if all of the home users started using *NIx you would start seeing viruses and worms that exploit *Nix.

    Malicious code is written for the most target rich environment. There is CERTAINLY no shortage of flaws and vulnerabilities in *Nix machines. If a good percentage of the home user market adopted *Nix they would be easy targets for a worm or virus just like they are now.

    I agree with Tiger Shark- its not the OS, its the competency of the admin. I also agree though that users should not be operating computers on the Internet without SOME level of education about how to do so safely. We don't let people operate vehicles on the highway without learning to do so safely and we shouldn't just let any Joe Blow jump on the Internet with his unpatched and unprotected system- Windows or *Nix.

  9. #9
    Senior Member
    Join Date
    Oct 2001
    Posts
    748
    We block a lot of these types of messages at our internet firewalls. We also block all outbound NDRs. Which in some cases makes it difficult to know that things were not delivered, but we noticed that spammers were sending targetted messages into our environment to try and verify mail lists. Blocking NDRs pretty much effectively blocks this from occuring. We only block outbound NDRs. Another really annoying thing about emails is hosts that restricts mailboxes from receiving new items and are not smart enough to only send the NDR once. I have seen cases where a full mailbox has caused mail storms between companies.

  10. #10
    Senior Member
    Join Date
    Aug 2003
    Posts
    205
    tonybradley,

    I totally agreee with you man,,,,,,

    "We don't let people operate vehicles on the highway without learning to do so safely and we shouldn't just let any Joe Blow jump on the Internet with his unpatched and unprotected system- Windows or *Nix."

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides