giza: Giza White Mage (Default)
[personal profile] giza
In years past, I used to have much more involvement with email and spam issues, and did my share of tracking down the source of spams that came into my mailbox, and reporting them to the sender's ISP. During that time period, I came across my share of broken autoresponders that sat on abuse@ and postmaster@ mailboxes, that would improperly "report" spam complaints as spam, get into mail loops, or worse.

Eventually, the volume of spam, and more specifically forged spam, hit such high levels that enough admins got the clue that, since email is easily enough forged, having autoresponders that blindly trust the email message and send out an autoresponse based on that isn't such a hot idea. As the level of clue grew, autoresponder usage pretty much fell by the wayside.

Clearly the dumbasses at npgx.com.au missed that memo.

For your amusement, I present:

http://www.scribd.com/doc/2961223/postmasternpgxcomau-broken-autoresponder-part-12

and

http://www.scribd.com/doc/2961305/postmasternpgxcomau-broken-autoresponder-part-22

As best I can tell, the following events happened:

1) Someone at npgx.com.au received a spam from a RoadRunner user (rr.com).

2) They reported this to abuse@rr.com.

3) abuse@rr.com responded with a standard auto-response.

4) postmaster@npgx.com.au responded to that auto-response with one of its own. Except that it parsed the message it got from abuse@rr.com, saw other domains there like spam.abuse.net and haltabuse.org, and decided to CC about 20-odd admins of those domains, as well as admins of their mailservers. That's how I got that email -- I am also postmaster@haltabuse.org. (That's the first message linked above.)

5) I respond to their postmaster address, pointing out that their autoresponder is broken.

6) I get the same autoresponse, flagging *my* message as spam, and CCing my mail server admins. (Second message linked above.)

7) ???

8) Profit! Whoops! I really meant to say: npgx.com.au fails spamfighting 101.


Looking back at the above chain of events, I'd say that #3 was mildly questionable, but not unreasonable. But #4? That kind of automated "we'll email everyone who is remotely connected with this message" is just plain stupid, and I don't recall seeing it in at least the last 5 years. If that is how npgx.com.au deals with messages that they perceive as spam, I do not think they will be in the email business for much longer...
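The failure in steps 4 and 6 comes down to two missing checks: whether the incoming message is itself automatic, and who a reply is allowed to reach. The sketch below is an example added here, not code from the post or from any of the mail systems it mentions. It follows the RFC 3834 guidance for automatic responders; the function names, the role-address list and the `.example` sample messages are assumptions made for the illustration.

```python
from email import message_from_string
from email.message import EmailMessage
from email.utils import parseaddr

# Assumption: local parts treated as automated or role senders.
AUTOMATED_LOCALPARTS = {"mailer-daemon", "postmaster", "abuse", "noreply", "no-reply"}

def autoreply_recipients(raw_message, envelope_sender):
    """Return the addresses an auto-reply may be sent to (possibly none)."""
    msg = message_from_string(raw_message)
    sender = parseaddr(envelope_sender)[1]
    # A null envelope sender (<>) marks a bounce: never answer it.
    if "@" not in sender:
        return []
    # RFC 3834: any value other than "no" means the message is itself automatic.
    auto = msg.get("Auto-Submitted", "no").split(";")[0].strip().lower()
    if auto != "no":
        return []
    bulk = msg.get("Precedence", "").strip().lower() in {"bulk", "junk", "list"}
    if bulk or msg.get("List-Id") is not None:
        return []
    if sender.split("@")[0].lower() in AUTOMATED_LOCALPARTS:
        return []
    # One recipient only: the envelope sender. Addresses and domains that
    # merely appear in the body or in To/Cc are never copied in.
    return [sender]

def build_autoreply(raw_message, envelope_sender, our_address, text):
    """Build the reply, or return None when no reply should be sent."""
    recipients = autoreply_recipients(raw_message, envelope_sender)
    if not recipients:
        return None
    subject = message_from_string(raw_message).get("Subject", "")
    reply = EmailMessage()
    reply["From"] = our_address
    reply["To"] = recipients[0]
    reply["Subject"] = "Auto: " + " ".join(subject.split())
    reply["Auto-Submitted"] = "auto-replied"  # lets the other side break a loop
    reply.set_content(text)
    return reply

# Constructed samples: an automatic acknowledgement naming a third-party
# domain, and a person writing in with an unrelated Cc.
SAMPLE_AUTO_ACK = ("From: abuse@isp.example\nSubject: Your abuse report\n"
                   "Auto-Submitted: auto-replied\n\nSee antispam.example.\n")
SAMPLE_HUMAN = ("From: admin@antispam.example\nCc: ops@upstream.example\n"
                "Subject: Broken autoresponder\n\nIt copied me on a reply.\n")
```

With these checks the acknowledgement from step 3 gets no answer at all, and the human message from step 5 gets at most one reply, addressed only to its envelope sender.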
Douglas Muth
