On 2009-03-11, at 0624, Lendvai Péter wrote:
> Thanks John, that is exactly what I mean and what I am afraid of. Btw, our mail server already got an abuse warning due to this behaviour. Hopefully spammers do not know and do not try to exploit this potential vulnerability.
they DO know about it. if they didn't, you wouldn't have been reported for abuse.
the problem isn't limited to that particular "autorespond" program, either... any autoresponder or "vacation" message program which includes the original message in the response can be hijacked by spammers, and there are some spammers who actively search for them. i see probes for "sales@", "info@", "help@", and other common autoresponder names, in my logs all the time. (of course none of these addresses exist, and i reject RCPT commands for non-existent addresses, so no real damage is done, just wasted bandwidth and CPU cycles.)
----------------------------------------------------------------
| John M. Simpson --- KG4ZOW --- Programmer At Large |
| http://www.jms1.net/ <[email protected]> |
----------------------------------------------------------------
| http://video.google.com/videoplay?docid=-1656880303867390173 |
----------------------------------------------------------------
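The hijack John describes, and the two defences behind his setup (reply only when it is safe to do so, and reject unknown recipients at RCPT time so probes are never accepted), as an added example in Python. This is not code from the thread or from the "autorespond" program it mentions; the Auto-Submitted header follows RFC 3834, while the daemon-address list, the sample messages, the one-reply-per-sender window and the hypothetical `rcpt_to_response` helper are constructed assumptions for illustration.

```python
"""
Backscatter-resistant autoresponder logic (added example, not code from the
original thread or from the "autorespond" program it mentions).

The attack: a spammer sends to an autoresponding address with a forged
envelope sender (the victim). A naive responder quotes the original message
back to the victim, so the responder becomes the spam relay. The defence is
two-fold: decide carefully *whether* to reply, and never echo the original.
"""
from email import message_from_string
from email.message import EmailMessage
import time

# Local parts that are never worth answering (constructed list, an assumption).
NEVER_REPLY_LOCALPARTS = {"mailer-daemon", "postmaster", "noreply", "no-reply", "bounce"}


class AutoResponder:
    def __init__(self, own_address, reply_window=7 * 24 * 3600):
        self.own_address = own_address
        self.reply_window = reply_window   # at most one reply per sender per window
        self._last_reply = {}              # envelope sender -> timestamp of last reply

    def should_reply(self, envelope_sender, raw_message, now=None):
        """Return (decision, reason). The envelope sender (Return-Path) is
        checked first, then the loop-avoidance headers (RFC 3834 Auto-Submitted,
        de-facto Precedence and List-* headers), then the per-sender rate limit.
        A True result records the reply, so call it once per delivery."""
        now = time.time() if now is None else now
        sender = envelope_sender.strip().strip("<>").lower()
        if not sender:
            return False, "null envelope sender (bounce or notification)"
        localpart = sender.split("@", 1)[0]
        if localpart in NEVER_REPLY_LOCALPARTS or localpart.startswith("owner-"):
            return False, "sender %s is a daemon or list-owner address" % sender
        msg = message_from_string(raw_message)
        auto = (msg.get("Auto-Submitted") or "no").strip().lower()
        if not auto.startswith("no"):
            return False, "Auto-Submitted: " + auto
        prec = (msg.get("Precedence") or "").strip().lower()
        if prec in {"bulk", "junk", "list"}:
            return False, "Precedence: " + prec
        if msg.get("List-Id") or msg.get("List-Unsubscribe"):
            return False, "mailing-list traffic"
        last = self._last_reply.get(sender)
        if last is not None and now - last < self.reply_window:
            return False, "already replied to this sender within the window"
        self._last_reply[sender] = now
        return True, "ok"

    def build_reply(self, envelope_sender, raw_message):
        """Compose the auto-reply. Neither the original body nor its Subject is
        copied into the response, so a forged sender receives only a fixed
        notice rather than the spammer's payload. The reply is marked
        auto-replied / bulk so other responders will not answer it."""
        original = message_from_string(raw_message)
        reply = EmailMessage()
        reply["From"] = self.own_address
        reply["To"] = envelope_sender.strip().strip("<>")
        reply["Subject"] = "Automatic reply from %s" % self.own_address
        reply["Auto-Submitted"] = "auto-replied"
        reply["Precedence"] = "bulk"
        if original.get("Message-ID"):
            reply["In-Reply-To"] = original["Message-ID"]
        reply.set_content(
            "Thank you for writing to %s. This mailbox is read periodically "
            "and a person will follow up.\n" % self.own_address
        )
        return reply


def rcpt_to_response(recipient, valid_mailboxes):
    """SMTP-time rejection of unknown recipients (hypothetical helper): a probe
    to a non-existent 'sales@' is refused at RCPT, so nothing ever responds."""
    if recipient.strip("<>").lower() in valid_mailboxes:
        return "250 2.1.5 OK"
    return "550 5.1.1 No such user"


# Constructed sample traffic (not from the thread).
PROBE = """From: "Sales Bot" <sales@example.net>
To: sales@example.org
Subject: Cheap pills at http://spam.example/buy
Message-ID: <probe-1@spam.example>

Buy now at http://spam.example/buy
"""
LIST_MESSAGE = """From: list@example.net
To: sales@example.org
Subject: [announce] weekly digest
Precedence: list
List-Id: <announce.example.net>

digest text
"""
AUTO_MESSAGE = """From: someone@example.net
To: sales@example.org
Subject: Out of office
Auto-Submitted: auto-replied

I am away.
"""
```

In the probe the envelope sender is the victim's address, not the `From:` header, which is why the decision is keyed on the Return-Path rather than on anything the message body says about itself. The fixed-text reply still confirms that the mailbox exists, so the RCPT-time rejection of addresses that do not exist remains the stronger defence against probes.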
