Penetration Testing mailing list archives
Re: out of office auto replies (was Re: Mock Penentration Test Site)
From: Todd Burroughs <todd () devnull com>
Date: Tue, 24 Aug 2004 03:27:22 -0400 (EDT)
I am somewhat active on a few lists and pen-test is the worst for "out of office autoreplies". People, mailing lists are easy to filter out for autoreplies, do it. It looks bad when you send these things to a list like this, kind of lame...

Todd Burroughs
---
The Internet has given us unprecedented opportunity to communicate and share on a global scale without borders; fight to keep it that way.

On Mon, 23 Aug 2004, Martin Mačok wrote:

> On Thu, Aug 19, 2004 at 09:26:27PM -0400, Tim wrote:
>
> > I just posted the message below, and received over 20 responses from people's out of office auto-responders and from people whose mailboxes are no longer valid, etc.
> >
> > 1. People: please stop pissing in the pool. If you don't know how to configure your auto-responders to ignore list mail, then don't use them at all. They are a danger to yourself and others, as they advertize to the world what you use for mail, and they can be great targets for mail loops via spoofing.
>
> ... they also advertize to the world that your house is (probably) free and that your identity could be "stolen" or in other way abused for social engineering (especially useful for phone games) during your vacation.
>
> > 2. Moderator(s): would you mind sending out a test message once a month or so, and fish out the email addresses that are blasting posters' inboxes? I know they do this on other Security Focus lists.
>
> That would not catch most of them I guess (month is too long and getting those test messages on every mailing list regularly would be extremely ugly).
>
> What about creating some special address @securityfocus where subscribers can forward those vacation autoreplies? If that address gets some number of posts about any sinner, it could re-test the sinner by itself (with an explanation) and kick the email off all the lists on a positive result. I'm sure it shouldn't be that hard to automatize it in a safe manner ...
>
> Unfortunately, the reply could come from different address than the one that is subscribed and in that case the sinner/subscriber could be almost untraceable for an automaton.
>
> Anyway, as a way of working off my energy and saving the world, I sometimes do "vacation remix" on replies I get, i.e. send vacation reply from person A to person B, from B to C etc... When they get back, maybe they will have a clue.
>
> From my experience, sending "do not do this because XY" message to them does not result in them having a clue. They actually see the complainer as the one who is making troubles and the one who is annoying them. The best result you will achieve when they "get it" is "Ok, I'm putting you on my blacklist so this won't happen again. Happy now?" ... grrr ...
>
> Martin Mačok
> IT Security Consultant
>
> ### my .procmailrc rules for broken vacation autoreplies
>
> :0 B:
> * ^I(?m| will be| am) .*(out of|not in|away from|on) (the )?(vacation|office).* (between|from|until|starting|on vacation)
> vacation
>
> :0 B:
> * ^Je serai en vacance du .* au .* inclusivement.
> vacation
>
> :0 B:
> * ^Je suis actuellement en vacances jusqu
> vacation
>
> :0 :
> * ^Subject: Ofis Disinda Otomatik
> vacation
>
> :0 HB:
> * ^Subject: Vast:
> * ^Olen lomalla ja toimistolla seuraavan kerran
> vacation
>
> :0 HB:
> * ^Subject:.*(ist.*(Haus|im)|out of office)
> * ^Ich werde .* nicht im .* sein\. Ich kehre
> vacation
>
> :0 B:
> * ^Ich bin zur Zeit nur .* online
> vacation
>
> :0 HB:
> * ^Subject: Abwesenheitsnotiz:
> * ^Ich bin .*
> vacation
>
> :0 B:
> * ^.* has left the company. Please remove his name from your mail
> vacation
>
> :0 HB:
> * ^subject: (out of office|Abwesenheitsnotiz - Out of Office)
> * ^.*(?m| will be| am).*(out of|not in) (the )?office.*(from|until)
> vacation
>
> :0 HB:
> * ^Subject: Abwesenheitsnotiz:
> * ^Ich bin bis einschlie
> vacation
>
> :0:
> * ^Subject: Out of Office AutoReply:
> vacation
>
> :0:
> * ^Subject: .*\(Out of office\)$
> vacation
>
> :0 HB:
> * ^Subject:.*R.*ponse_automatique.*absence.*bureau
> * ^Je serai en vacance du
> vacation
>
> ------------------------------------------------------------------------------
> Ethical Hacking at the InfoSec Institute. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors. Check out our Advanced Hacking course, learn to write exploits and attack security infrastructure. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization.
> http://www.securityfocus.com/sponsor/InfoSecInstitute_pen-test_040817
> -------------------------------------------------------------------------------
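The filtering discussed in this message, as an added example that is not part of the original posts: a Python classifier that combines a few of the subject and body patterns from the quoted procmail rules with the RFC 3834 `Auto-Submitted` header and `Precedence: auto_reply`, which go beyond what the posted rules check. The sample messages and addresses are constructed, and `.` is used where the archive shows the character before `m` as `?`.

```python
import re
from email import message_from_string

# Patterns adapted from the procmail rules in the post (assumption: "." stands
# in for the character the archive shows as "?").
SUBJECT_RE = re.compile(
    r"^(out of office|abwesenheitsnotiz|ofis disinda otomatik|vast:)"
    r"|\(out of office\)$", re.IGNORECASE)
BODY_RE = re.compile(
    r"^I(.m| will be| am) .*(out of|not in|away from|on) (the )?"
    r"(vacation|office).* (between|from|until|starting|on vacation)"
    r"|^Je serai en vacance du |^Ich bin zur Zeit nur .* online",
    re.IGNORECASE | re.MULTILINE)

def body_text(msg):
    """Concatenate the text/plain parts (no transfer decoding, for brevity)."""
    parts = msg.walk() if msg.is_multipart() else [msg]
    return "\n".join(p.get_payload() for p in parts
                     if p.get_content_type() == "text/plain")

def autoreply_signals(raw):
    """Return the reasons a raw RFC 822 message looks like an auto-reply."""
    msg = message_from_string(raw)
    signals = []
    # RFC 3834: any Auto-Submitted value other than "no" marks automatic mail.
    auto = (msg.get("Auto-Submitted") or "no").strip().lower()
    if auto != "no":
        signals.append("auto-submitted")
    if (msg.get("Precedence") or "").strip().lower() == "auto_reply":
        signals.append("precedence")
    # Subject patterns are anchored so a human "Re: out of office ..." passes.
    if SUBJECT_RE.search((msg.get("Subject") or "").strip()):
        signals.append("subject")
    if BODY_RE.search(body_text(msg)):
        signals.append("body")
    return signals

# Constructed sample messages (not taken from the list).
MODERN = ("From: a@example.org\nSubject: Automatic reply\n"
          "Auto-Submitted: auto-replied\n\nBack next week.\n")
LEGACY = ("From: b@example.org\nSubject: Out of Office AutoReply: Mock site\n\n"
          "I will be out of the office from Monday until Friday.\n")
HUMAN = ("From: c@example.org\nSubject: Re: out of office auto replies\n\n"
         "I am seeing lots of out of office replies on this list.\n")

if __name__ == "__main__":
    for name, raw in (("modern", MODERN), ("legacy", LEGACY), ("human", HUMAN)):
        print(name, autoreply_signals(raw))
```

The third sample shows why the first body rule keeps its trailing time-word condition: a human message that merely discusses out-of-office replies matches the opening of the pattern but not the `from`/`until` part.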
Current thread:
- Mock Penentration Test Site jwoloz (Aug 18)
- Re: Mock Penentration Test Site Nicolas Gregoire (Aug 19)
- Re: Mock Penentration Test Site Tim (Aug 19)
- out of office auto replies (was Re: Mock Penentration Test Site) Tim (Aug 20)
- Re: out of office auto replies (was Re: Mock Penentration Test Site) Martin Mačok (Aug 23)
- Re: out of office auto replies (was Re: Mock Penentration Test Site) Todd Burroughs (Aug 24)
- out of office auto replies (was Re: Mock Penentration Test Site) Tim (Aug 20)
- Re: Mock Penentration Test Site Robert Rich (Aug 20)
- RE: Mock Penentration Test Site Benjamin Tomhave (Aug 19)
- Re: Mock Penentration Test Site Gerry Eisenhaur (Aug 20)
- Re: Mock Penentration Test Site Skander Ben Mansour (Aug 20)
- RE: Mock Penentration Test Site Clement Dupuis (Aug 21)