Do you use autoreplies to outside e-mail?
Tim Rozgonyi
allow autoreplies to incoming outside e-mail without creating server
problems.
So, if you use either an Out-of-Office AutoReply or some other, please just
send me a note saying that you do. It will help convince a few concerned
parties here.
Of course, if you've had any problems with autoreplies, I'd be interested to
hear about that too.
Thanks.
Tim Rozgonyi
Assistant Technology Systems Editor
Pittsburgh Post-Gazette
412-263-1923
rozg...@post-gazette.com
http://www.post-gazette.com
Missy Koslosky [MVP]
things, as are autoforwards.
First, you could be setting yourself up for mail loops. Here's the
situation. Joe User sets up an auto-reply on his last day in the office for
a few weeks. All messages are now replied to with "Hi! I'm not here right
now, but if you need help, send a message to mailto:ma...@domain.com" Joe
obviously doesn't know about Out of Office replies, 'cause he's not too
bright. Joe sends a message to Jim Blow just before leaving, telling Jim
that he'll see him in a few weeks for that meeting. Problem is, Jim's also
got an auto-reply set up that fires for every message, 'cause he's letting
everyone know his e-mail address is changing. The next thing you know,
you've got a gorgeous loop going and nobody knows it until the server runs
out of disk space and promptly shuts down.
That's just one example of how to whack a server by allowing auto-replies.
I can do another 20 if you'd like.
In other words, just say "no".
--
Missy Koslosky
Systems Integrator/Analyst
Product Engineering
USinternetworking
http://www.usi.net
"When I eat jell-o I feel better; don't ask me to reduce it to a science" -
Ally McBeal
"Tim Rozgonyi" <rozgonyi@post-gazetteNO_SPAM.com> wrote in message
news:uxOJH$gV$GA.62@cppssbbsa04...
Mark Stedman
setup a different way, but we use them all the time. The first time you send
a message to someone, you get it. After that, nada.
Mark Stedman
Director, Information Services
http://www.lam.org
Missy Koslosky [MVP] wrote in message <#3LykdhV$GA.261@cppssbbsa04>...
>Egad. You're going to push to allow autoreplies? They're evil, nasty
>things, as are autoforwards.
>
>First, you could be setting yourself up for mail loops. Here's the
>situation. Joe User sets up an auto-reply on his last day in the office
for
>a few weeks. All messages are now replied to with "Hi! I'm not here right
>now, but if you need help, send a message to mailto:ma...@domain.com" Joe
>obviously doesn't know about Out of Office replies, 'cause he's not too
>bright. Joe sends a message to Jim Blow just before leaving, telling Jim
>that he'll see him in a few weeks for that meeting. Problem is, Jim's also
>got an auto-reply set up that fires for every message, 'cause he's letting
>everyone know his e-mail address is changing. The next thing you know,
>you've got a gorgeous loop going and nobody knows it until the server runs
>out of disk space and promptly shuts down.
>
>That's just one example of how to whack a server by allowing auto-replies.
>I can do another 20 if you'd like.
>
>In other words, just say "no".
>--
>Missy Koslosky
>Systems Integrator/Analyst
>Product Engineering
>USinternetworking
>http://www.usi.net
>"When I eat jell-o I feel better; don't ask me to reduce it to a
Missy Koslosky [MVP]
different. Trust me, I've seen it take down more than one server."When I eat jell-o I feel better; don't ask me to reduce it to a science" -
Ally McBeal
"Mark Stedman" <mste...@lam.org> wrote in message
news:uUXz25hV$GA.266@cppssbbsa05...
Tim Rozgonyi
Thanks Missy and John
Though we would like to use tailored autoreplies for each mailbox, we would
be happy to just use the Out of Office Auto Reply if we could. Our system is
currently set up so that Out of Office Auto Reply messages work only within
the building. We need to convince the head of Systems that you can safely
allow Out of Office Auto Replies to leave the building.
Thanks for your feedback.
Tim Rozgonyi
Assistant Technology Systems Editor
Pittsburgh Post-Gazette
412-263-1923
rozg...@post-gazette.com
http://www.post-gazette.com
"Missy Koslosky [MVP]" <mi...@mail-resources.com> wrote in message
news:#gsIKWiV$GA....@cppssbbsa02.microsoft.com...
> Nope. Exchange only sends one Out of Office reply. Auto-replies are
> different. Trust me, I've seen it take down more than one server.
> --
> Missy Koslosky
> Systems Integrator/Analyst
> Product Engineering
> USinternetworking
> http://www.usi.net
> "When I eat jell-o I feel better; don't ask me to reduce it to a
Chris Scharff
>Exchange only sends one autoreply to each e-mail address. Maybe you can
>setup a different way, but we use them all the time. The first time you send
>a message to someone, you get it. After that, nada.
Not to burst your bubble, but I've seen OOA loops as well. Rare, but
not impossible.
More problematic (in my way of thinking) is the security implications
of allowing OOA messages to the internet:
"Hi, this is Mike Poombah with Accounting, I'll be out of the office
until 2/22/99. I'm going to be on my honeymoon in beautiful Bermuda
with my new bride Julie. If you need anything immediately, please
contact my supervisor, Betty Boop at (555) 555-1212 or
bb...@company.com
Mike Poombah
Major Accounts Accounting Department
Some Company
Newark, NJ 55555-5555
(555) 555-8789"
I now easily have enough information to raise havoc. Beside being able
to look up Mike Poombah in the phone book and rob his house blind, I
can probably fake a call to their help desk and get his NT username/
password and with a bit more work, I can get onto their network and
glean whatever data I might come across. And just for spite, I think
I'll tender Mike's resignation to Betty.
And.. by enabling OOA replies, you'll also wind up sending them to
discussion lists which won't make any of the members terribly happy.
--
Chris Scharff
Exchange Administrator
BV Solutions Group
Be sure to read the Exchange FAQ:
http://www.swinc.com/resource/exch_faq.htm
Ton Boelens
preventing this from happening or of detecting mail loops?
If not so, it would be stupid!
Ton Boelens
Chris Scharff <cscharff@*NOSPAM*bigsecret.com> schreef in berichtnieuws
fbh27scre9lvo1b0b...@4ax.com...
Chris Scharff
>This is very strange indeed! Doesn't Exchange Server have any way of
>preventing this from happening or of detecting mail loops?
>
>If not so, it would be stupid!
Yes it has check in place to look for looping mail, but it's possible
to create a condition which isn't detected as a mail loop. Mail loops
are possible in _any_ mail system which allows automatic replies to
the internet, not just Exchange.
Ton Boelens
an administrator can apply?
BTW: in the FAQ I find nothing about this.
Chris Scharff <cscharff@*NOSPAM*bigsecret.com> schreef in berichtnieuws
h8rb7sgm4jika5rfh...@4ax.com...
Chris Scharff
>Could you elaborate on how this check works? Are there any settings involved
>an administrator can apply?
There are no administrative settings, it's part of the MTA code I
believe. My basic understanding is that Exchange looks at the message
ID among other pieces to determine if the message is unique or if it
has already processed it before. Previous processing would indicate a
looping condition. But, it's possible for a mail loop to occur in
which the standard checks don't (and most likely can't) reveal
anything wrong. I've talked with some of the Exchange developers and
while they're always trying to improve the loop detection abilities of
Exchange (among other things) there are certain conditions which can
occur and there's no way programmatically to distinguish that traffic
from a looping condition.
For example: I have a website which has a form people fill out for
more information.. It's a terribly popular website so I get 18,000
requests for more information each day and the form always had the
same "from" address. How do you distinguish that from a mail loop of
18,000 messages where the mailer on the other end creates a completely
new message each time it responds to a rule forwarding incoming mail
from your server? Programmatically, they look basically the same.
It might be possible to actually distinguish the two programmatically,
but not being a coder, the only methods I can think of would involve
checks that would on the surface seem to seriously degrade system
performance.
Missy Koslosky [MVP]
two Exchange servers, it'll run for a short time (I don't remember how
quickly it stopped itself, but it did stop itself) and then quit. If you
create a loop between Exchange and another system (we used GroupWise), it'll
go on until you stop it."When I eat jell-o I feel better; don't ask me to reduce it to a science" -
Ally McBeal
"Chris Scharff" <cscharff@*NOSPAM*bigsecret.com> wrote in message
news:oc4c7skg97ckuft5c...@4ax.com...
Rich Matheisen [MVP]
>On a side note, in testing we found that if you try to create a loop between
>two Exchange servers, it'll run for a short time (I don't remember how
>quickly it stopped itself, but it did stop itself) and then quit. If you
>create a loop between Exchange and another system (we used GroupWise), it'll
>go on until you stop it.
I think a good suggestion is to send the stuff with "Precedence: Bulk"
in the RFC822 headers and not have the rules reply to any message with
that value in the headers. And if the rule does respond to a message
with "Precedence: Bulk" it should reply to the "Errors-To:" header
value if one is present.
------------------
Rich Matheisen
MCSE, Exchange MVP
MS Exchange FAQ at http://www.swinc.com/resource/exch_faq.htm
Chris Scharff
said:
>On a side note, in testing we found that if you try to create a loop between
>two Exchange servers, it'll run for a short time (I don't remember how
>quickly it stopped itself, but it did stop itself) and then quit. If you
>create a loop between Exchange and another system (we used GroupWise), it'll
>go on until you stop it.
Yep, I've seen that behavior as well (Exchange to Exchange vs.
Exchange to MS Mail).