Why do people do this? 3

[TheVampire]

I recently got yet another virus warning hoax e-mail. You've probably seen them. The ones that claim that a virus is on your PC, that anti-virus programs can't see it, and instructions on how to delete the supposed virus file, etc, BS, BS, etc.

Why do people forward these things? The recent one I got was from a person I know is not a dim bulb by any means. Do they think that because it's easy to forward the mail to everybody in their bloody address book ( using CC instead of BCC, no less ), that they just go ahead and do it without really thinking about it?

A couple of months ago, it was one of the other employees in our company that did this. I wrote her back and told her that "You should know better than this". She said she found my "attitude to be disturbing". I think she'd find a lot of people attitudes being disturbed if they deleted a critical system file from their machine and their PC died...

Robert

 

[EdwardMartinIII]

Stevehewitt: ...I have been runing a mail server here for the last 3 years. Long enough to feel the effects I would imagine. I have never had this problem.

Well, if you're just devnulling the e-mail and autoresponding to the reply-to, what effects are you expecting to see?

About 15 years ago, I wrote an autoresponder for a minicomputer system (Data General MV1000). A few of the older programmers thought they would knock me down a peg and wrote an autoresponder to my autoresponder. Five of them, one of me. The system slagged within minutes as our tools dueled. Eventually, the Admins killed my process (it was taking up five times more resources than the next nearest contender, of course, and nearly 100% of the machine's resources) and tongue-lashed me for being an idjit. I, of course, deserved it. Lesson learned.

I also cannot say that I have heard of a DoS attack from a spoofed email, although I am sure it has happened.

It certainly will contribute. As the number of ignorant auto-responders increases, the opportunities to wreak havoc increase as well! If 1000 copies of something wrote to you with the same innocent reply-to address every twenty seconds, you would automatically hammer that address with your well-intentioned e-mails. If I were malicious and I knew you and fifty other people who used autoresponders, I could really cause some damage and it would use up only a fraction of the resources normally, thanks to your well-intentioned autoresponder!

Personally, I would prefer to be informed and clean, than not have a email and be infected. Short sighted maybe, wrong probably, logical - yes.

It is based on the false assumption that the person who sent you the virus has the virus. Autoresponding does nothing to ameliorate the problem and, in fact, exacerbates it. I fail to see the slightest hint of logic here.

The autoresponse might have been a good technology at the time (much like bleeding people out for infections), but its power has been shanghaied and now it serves only Mordor.

Cheers,


Edward

"Cut a hole in the door. Hang a flap. Criminy, why didn't I think of this earlier?!" -- inventor of the cat door

 

[Stevehewitt]

I think we are going to have to agree to disagree. I would still rather have 1000 emails in 1 minute or so (which I do believe most modern mail server can take. Mine simply routes (if it can), queue if not, and then bounce. Also any emails that cannot get to our server go to another server hosted by our ISP as backup. So no mails lost - even if my server got a DoS attack.

Interesting topic, and I can see your point of view. But personally I still cannot understand what is wrong with autoreplies. Its like saying out-of-office replies should be stopped for the same reason.

Anyway, enough of this topic! Agree to disagree?!

Thanks,




Steve Hewitt

 

[Grenage]

Just before this thread dies I have to throw my opinion in

I also agree that auto replies are the devils work, when it comes to email the only thing worse is an open relay. Auto responses are responsible for so many message loops and wasted bandwidth. (And I include OoO replies in this, although they only send 1 response back it will let a spammer know that you are there).

 

[lionelhill]

SteveHewitt,

if I get 1000 messages from you, maybe our mail server and its excelent connection to the outside world will cope, but the personal space our admin (quite reasonably) allocate to me will not cope with it (and it will take me all morning to delete the wretched things).

This really would deny me access to my e-mail.
If, as a result of automatic messages, that job-offer in the 50K pounds region (that I'm expecting tomorrow. Ha Blooming Ha) gets bounced, I'm not going to be amused.

EdwardMartinIII makes some serious points!

 

[SteveTheGeek]

At the risk of beating a dead thread, I have a similar OoO horror story - a tech at a network fixit shop a few years ago had his email set to always forward to his home account. He went on vacation for a week, but not before setting his home email to forward to work (for reasons I've never been clear on). An hour or so later (just after he'd gotten on the plane and was unavailable) the Great Alaska Mail Server Shootout began. Unsurprisingly, the Groupwise server in our office filled up and went down before the ISP's did, but (given the inevitable massive overcapacity in a network consulting company's geek-maintained mail server and the fact that the ISP wasn't exactly Earthlink-sized) it was in doubt right up until the end, we found out when comparing notes (and apologizing) to the ISP later.

Unfortunately that can't happen to Exchange nowadays, and I would imagine Groupwise has it fixed also, to say nothing of mailbox limits being more common now.
-Steve

 

[EdwardMartinIII]

Stevehewitt: But personally I still cannot understand what is wrong with autoreplies. Its like saying out-of-office replies should be stopped for the same reason.

It is not. In this instance they are two totally separate things.

Autoresponding to a virus has no, zero, nada, nil effect because in all likelihood, the from address and the reply-to address have been spoofed and are those of an entirely innocent person. Right now, look at your in-box. If you had one of these viruses, anyone running an autoresponder similar to yours would send a letter to each and every person on that list. You wouldn't receive one because the very last thing the virus is interested in is identifying its actual source.

Autoresponding via Outlook is a totally separate thing -- the assumption there is that the person writing to you isn't doing so maliciously and doesn't have a bogus/spoofed reply-to address. When I set Outlook to autoreply, it is with the expectation that the sender is the real sender. Furthermore, Outlook only responds once to each sender, which was one of those rare thoughtful moments on Microsoft's behalf.

A closer analogy would be you just periodically selecting everyone in your in-box and sending them e-mail warnings about a new virus. Just in case they have it. The odds are basically the same in both cases that they are infected by a virus.

Now, look at it from the point of view of the poor slob receiving the e-mail. Chances are, he doesn't have a virus at all. Or say he spends a couple of hours of time better spent downloading naughty pictures updating his virus software and reaming through his system to make sure he ain't got nothing. Okay, he's clean.

Then another note arrives. And another. And another. And another.

He doesn't have a virus, never had a virus, and never will and yet he gets hammered repeatedly by some script out there.

And they're all from some dumb autoresponder. Hosted by you.

What would be wrong with simply devnulling the suspicious e-mail? Just can it. If you want to put it in a "suspected virus" folder, great, but just can it -- don't bother trying to "help" someone. If you feel like digging through the headers and actually tracing one 'cause you're bored (I've done this on occasion, just to decrease local karma-entropy) and want to help the person you actually think has a virus, fine, but for the sake of a network already chock full of useless junk, please consider the facility of an autoresponder in this circumstance. It does not serve the purpose for which you intend and furthermore exacerbates the problem by multiplying junk e-mail.

Now looping -- that's funny!

Cheers,


Edward

"Cut a hole in the door. Hang a flap. Criminy, why didn't I think of this earlier?!" -- inventor of the cat door

 

[Stevehewitt]

LOL. I really think I could argue this topic till I am blue in the face! I am understanding of your point, and you have got me thinking about it a bit more.

For the mean time i will ponder on it and we shall agree to disagree?!



Steve Hewitt

 

[EdwardMartinIII]

I agree that I was a dunderhead () for forgetting my close-italic code and for not actually using the Preview Post option, which would have made it obvious. Yikes!

I don't need any kind of agreement or anything, dude.

I think I've explained myself well enough and you seem to understand what I was tryin' to say, so no worries. That was the only goal.

Cheers,


Edward

"Cut a hole in the door. Hang a flap. Criminy, why didn't I think of this earlier?!" -- inventor of the cat door

 

[MichealC4]

That was the only goal.

Ditto that.

I am Comptia A+ Certified