Detecting Autoresponders
![](https://secure.gravatar.com/avatar/c5321d416c09bdba89358759601af573.jpg?s=120&d=mm&r=g)
Is there something specific Mailman is looking for to detect autoreponders, like Out of Office messages? We had an incident this weekend with an autoresponder sending an out of office message over and over and over....to a list.
This particular autoresponder is not known to be broken. Its worked well in the past with Mailman.
I note the header of the message from the autoresponder contains
X-Autogenerated: Reply
But I am not sure what Mailman looks at when trying to determine what is an out of office or other automatic message.
--Karl
![](https://secure.gravatar.com/avatar/56f108518d7ee2544412cc80978e3182.jpg?s=120&d=mm&r=g)
Karl Zander wrote:
Is there something specific Mailman is looking for to detect autoreponders, like Out of Office messages? We had an incident this weekend with an autoresponder sending an out of office message over and over and over....to a list.
[...]
But I am not sure what Mailman looks at when trying to determine what is an out of office or other automatic message.
As far as posting to a list is concerned, Mailman is looking for an X-BeenThere: header with the list address. It does look at a Precedence: header and will not process commands from or autorespond to Precedence 'bulk', 'junk' or 'list' messages, but it will forward them to the list if they aren't held, rejected or discarded for some other reason. It doesn't specifically try to identify autoresponses.
I would say the autoresponder is broken if it is responding repeatedly to the same address on behalf of the same recipient. I would also say it's broken it it responds to the list for an individual message (not a digest) unless the list is anonymous and puts the list address in the From: of delevered posts. Finally, this is probably more controversial, but I think it's broken if it can't identify its own autoresponses from Message-ID: or something else and not respond to one of its own messages.
-- Mark Sapiro <mark@msapiro.net> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan
![](https://secure.gravatar.com/avatar/713254a8a32975b3c41d0f679628df85.jpg?s=120&d=mm&r=g)
On 6/28/2009 8:15 PM, Mark Sapiro wrote:
I *REALLY* /wish/ that was the case. I've got an end user that has set up an Out of Office (a.k.a. OoO) auto-reply in Outlook that is replying to every frigging message that comes in.
OoO auto responders usually reply to the From: (header) address of messages as they have on concept of the SMTP envelope sender. So if the mailing list either sets the From: or Reply-To: header, that's where the OoO replies will go.
I have seen more than a few OoO auto-responders that generate a completely new message to the From: / Reply-To: address with out any form of identification as to who it is replying to.
In my opinion, OoO auto responders are probably some of the worst things in email. I've been in an environment where two OoO auto responders were battling with each other and generated almost 100,000 messages over a weekend.
Grant. . . .
![](https://secure.gravatar.com/avatar/987f59c713c470a1bd79f862bf95b919.jpg?s=120&d=mm&r=g)
Am/On Mon, 29 Jun 2009 00:27:22 -0500 schrieb/wrote Grant Taylor:
we immediately ban people sending autoresponses to a list. We've put that in our list rules.
Basically it's up to the list participant to set up his/her autoresponder to not reply to any list messages.
Probably one could set up a filter or something to catch most of the autoresponses and filter them out. cheers, Matthias
![](https://secure.gravatar.com/avatar/682b7115267957111b90d648ac5ab780.jpg?s=120&d=mm&r=g)
On Mon, 29 Jun 2009 00:27:22 -0500 Grant Taylor <gtaylor@riverviewtech.net> wrote:
Hello Grant,
OoO auto responders usually reply to the From: (header) address of messages as they have on concept of the SMTP envelope sender. So if
Like Matthias, I ban users that use auto-responders. No amount of begging, apologising or offering me money(0) has, so far, got any of the offenders back on my lists.
(0) Okay, so no-one has /actually/ offered me money, but I live in hope. :-)
-- Regards _ / ) "The blindingly obvious is / _)rad never immediately apparent"
A friend of a friend he got beaten I Predict A Riot - Kaiser Chiefs
![](https://secure.gravatar.com/avatar/713254a8a32975b3c41d0f679628df85.jpg?s=120&d=mm&r=g)
Brad Rogers wrote:
Hello Grant,
Hi.
Don't get me wrong, I'm not disagreeing with you about banning people. Rather I was commenting on the p*@s poor implementations of OoO auto responders that I've run across.
(0) Okay, so no-one has /actually/ offered me money, but I live in hope. :-)
I'll hoist a glass to that hope.
Grant. . . .
![](https://secure.gravatar.com/avatar/c5321d416c09bdba89358759601af573.jpg?s=120&d=mm&r=g)
On Sun, 28 Jun 2009 18:15:11 -0700 Mark Sapiro <mark@msapiro.net> wrote:
I think I found out what happened. The mailserver has a built in rule that people can enable for out of office messages. That rule knows how to deal with lists.
It actually checks that the message header does not contain any of the following fields:
Precedence: bulk
Precedence: junk
Precedence: list
X-List*
X-Mirror*
X-Auto*
X-Mailing-List
and will not auto respond if it does.
However, the built in rule only responds once to a message and tracks the address so it does not send the out of office again.
Well, staff did not like that. So another rule was created that responded to every message with the out of office. That rule did not do any of the Precedence checks and quite happily created the loop.
The servers built in autoresponder is not broken, but the other rule is.
Thanks everyone for your input.
--Karl
![](https://secure.gravatar.com/avatar/173371753ea2206b9934a9be1bdce423.jpg?s=120&d=mm&r=g)
On Jun 28, 2009, at 6:34 PM, Karl Zander wrote:
If it's replying to message with a Precedence: header (and any value)
it's broken.
I note the header of the message from the autoresponder contains
X-Autogenerated: Reply
Can anybody find a reference for the semantics of X-Autogenerated?
I'd be willing to add a rule for this but I'd need to find a reference.
Note too my Replybot program <http://launchpad.net/replybot> for an
automatic email reply system done right. :)
-Barry
![](https://secure.gravatar.com/avatar/713254a8a32975b3c41d0f679628df85.jpg?s=120&d=mm&r=g)
On 6/29/2009 8:10 AM, Barry Warsaw wrote:
Can anybody find a reference for the semantics of X-Autogenerated? I'd be willing to add a rule for this but I'd need to find a reference.
Take a look at section 5, "The Auto-Submitted header field" of RFC 3834. (http://www.rfc-editor.org/rfc/rfc3834.txt).
I think you are meaning the "Auto-Submitted:" header and the "auto-generated" value.
Grant. . . .
![](https://secure.gravatar.com/avatar/713254a8a32975b3c41d0f679628df85.jpg?s=120&d=mm&r=g)
(Sorry, forgot to include this.)
On 6/29/2009 8:10 AM, Barry Warsaw wrote:
If it's replying to message with a Precedence: header (and any value) it's broken.
You may want to take a look at section 3.9, "Quality information" of RFC 2076 (http://www.rfc-editor.org/rfc/rfc2076.txt).
Grant. . . .
![](https://secure.gravatar.com/avatar/334b870d5b26878a79b2dc4cfcc500bc.jpg?s=120&d=mm&r=g)
Barry Warsaw writes:
Amusingly enough, the most recent update of 2076 (see http://people.dsv.su.se/~jpalme/ietf/mail-headers/mail-headers.html) remarks that "more problems with Precedence" were added in its changes documentation. :-)
![](https://secure.gravatar.com/avatar/5fb8e5a1596efa01374ffabe734cacec.jpg?s=120&d=mm&r=g)
On Jun 28, 2009, at 5:34 PM, Karl Zander wrote:
This particular autoresponder is not known to be broken.
It's a bit dated, but I have a rant about broken autoresponder here:
http://goldmark.org/netrants/auto-resp/
As others have said, if an autoresponder is responding repeatedly to
the same address in the course of a few days it is certainly behaving
badly. Lotus Notes and Exchange autoresponders should not be allowed
near the Internet.
I remove people from lists, sending a note to them and their
postmaster saying that as long as they use broken autoresponders they
should not join any Internet email discussion lists.
-j
-- Jeffrey Goldberg http://www.goldmark.org/jeff/
![](https://secure.gravatar.com/avatar/de4632b78ba00436a9b77ed0d6ea8877.jpg?s=120&d=mm&r=g)
On Sat, Aug 01, 2009 at 03:43:40PM -0500, Jeffrey Goldberg wrote:
That's quite a nice summary, IMO.
I'd rewrite that last part to: "Lotus Notes and poorly-setup Microsoft Exchange installations should not be allowed near the Internet."
(I have been known to do Exchange consultancy, but I do have a clue regarding RFCs, mail-delivery, and amn't from the point-and-click "set-up a Mail Server" school of practice.)
I'm not ~usually~ that mean: I tend to un-sub people, or set their addresses to moderated: a few people don't realize how broken their "approach" is. (I don't always see those messages: through filtering, I attempt to ditch 'out of office' type messages.)
-- ``Freedom of the press in Britain means freedom to print such of the proprietor's prejudices as the advertisers don't object to.'' (Hannen Swaffer)
![](https://secure.gravatar.com/avatar/334b870d5b26878a79b2dc4cfcc500bc.jpg?s=120&d=mm&r=g)
Adam McGreggor writes:
I'm not sure that's acceptable. People might be tempted to think that MCSE + CCNA qualify one to do better than "poorly set up" a mail server. :-/
"approach" is. (I don't always see those messages: through filtering, I attempt to ditch 'out of office' type messages.)
My butt has been saved (from Usenet-style flaming, not corporate-style firing) on a number of occasions by the practice of making my personal filter a subset of the rules used on my lists. I realize for various reasons that's not always feasible, but it's a good rule of thumb to start with.
![](https://secure.gravatar.com/avatar/56f108518d7ee2544412cc80978e3182.jpg?s=120&d=mm&r=g)
Karl Zander wrote:
Is there something specific Mailman is looking for to detect autoreponders, like Out of Office messages? We had an incident this weekend with an autoresponder sending an out of office message over and over and over....to a list.
[...]
But I am not sure what Mailman looks at when trying to determine what is an out of office or other automatic message.
As far as posting to a list is concerned, Mailman is looking for an X-BeenThere: header with the list address. It does look at a Precedence: header and will not process commands from or autorespond to Precedence 'bulk', 'junk' or 'list' messages, but it will forward them to the list if they aren't held, rejected or discarded for some other reason. It doesn't specifically try to identify autoresponses.
I would say the autoresponder is broken if it is responding repeatedly to the same address on behalf of the same recipient. I would also say it's broken it it responds to the list for an individual message (not a digest) unless the list is anonymous and puts the list address in the From: of delevered posts. Finally, this is probably more controversial, but I think it's broken if it can't identify its own autoresponses from Message-ID: or something else and not respond to one of its own messages.
-- Mark Sapiro <mark@msapiro.net> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan
![](https://secure.gravatar.com/avatar/713254a8a32975b3c41d0f679628df85.jpg?s=120&d=mm&r=g)
On 6/28/2009 8:15 PM, Mark Sapiro wrote:
I *REALLY* /wish/ that was the case. I've got an end user that has set up an Out of Office (a.k.a. OoO) auto-reply in Outlook that is replying to every frigging message that comes in.
OoO auto responders usually reply to the From: (header) address of messages as they have on concept of the SMTP envelope sender. So if the mailing list either sets the From: or Reply-To: header, that's where the OoO replies will go.
I have seen more than a few OoO auto-responders that generate a completely new message to the From: / Reply-To: address with out any form of identification as to who it is replying to.
In my opinion, OoO auto responders are probably some of the worst things in email. I've been in an environment where two OoO auto responders were battling with each other and generated almost 100,000 messages over a weekend.
Grant. . . .
![](https://secure.gravatar.com/avatar/987f59c713c470a1bd79f862bf95b919.jpg?s=120&d=mm&r=g)
Am/On Mon, 29 Jun 2009 00:27:22 -0500 schrieb/wrote Grant Taylor:
we immediately ban people sending autoresponses to a list. We've put that in our list rules.
Basically it's up to the list participant to set up his/her autoresponder to not reply to any list messages.
Probably one could set up a filter or something to catch most of the autoresponses and filter them out. cheers, Matthias
![](https://secure.gravatar.com/avatar/682b7115267957111b90d648ac5ab780.jpg?s=120&d=mm&r=g)
On Mon, 29 Jun 2009 00:27:22 -0500 Grant Taylor <gtaylor@riverviewtech.net> wrote:
Hello Grant,
OoO auto responders usually reply to the From: (header) address of messages as they have on concept of the SMTP envelope sender. So if
Like Matthias, I ban users that use auto-responders. No amount of begging, apologising or offering me money(0) has, so far, got any of the offenders back on my lists.
(0) Okay, so no-one has /actually/ offered me money, but I live in hope. :-)
-- Regards _ / ) "The blindingly obvious is / _)rad never immediately apparent"
A friend of a friend he got beaten I Predict A Riot - Kaiser Chiefs
![](https://secure.gravatar.com/avatar/713254a8a32975b3c41d0f679628df85.jpg?s=120&d=mm&r=g)
Brad Rogers wrote:
Hello Grant,
Hi.
Don't get me wrong, I'm not disagreeing with you about banning people. Rather I was commenting on the p*@s poor implementations of OoO auto responders that I've run across.
(0) Okay, so no-one has /actually/ offered me money, but I live in hope. :-)
I'll hoist a glass to that hope.
Grant. . . .
![](https://secure.gravatar.com/avatar/c5321d416c09bdba89358759601af573.jpg?s=120&d=mm&r=g)
On Sun, 28 Jun 2009 18:15:11 -0700 Mark Sapiro <mark@msapiro.net> wrote:
I think I found out what happened. The mailserver has a built in rule that people can enable for out of office messages. That rule knows how to deal with lists.
It actually checks that the message header does not contain any of the following fields:
Precedence: bulk
Precedence: junk
Precedence: list
X-List*
X-Mirror*
X-Auto*
X-Mailing-List
and will not auto respond if it does.
However, the built in rule only responds once to a message and tracks the address so it does not send the out of office again.
Well, staff did not like that. So another rule was created that responded to every message with the out of office. That rule did not do any of the Precedence checks and quite happily created the loop.
The servers built in autoresponder is not broken, but the other rule is.
Thanks everyone for your input.
--Karl
![](https://secure.gravatar.com/avatar/173371753ea2206b9934a9be1bdce423.jpg?s=120&d=mm&r=g)
On Jun 28, 2009, at 6:34 PM, Karl Zander wrote:
If it's replying to message with a Precedence: header (and any value)
it's broken.
I note the header of the message from the autoresponder contains
X-Autogenerated: Reply
Can anybody find a reference for the semantics of X-Autogenerated?
I'd be willing to add a rule for this but I'd need to find a reference.
Note too my Replybot program <http://launchpad.net/replybot> for an
automatic email reply system done right. :)
-Barry
![](https://secure.gravatar.com/avatar/713254a8a32975b3c41d0f679628df85.jpg?s=120&d=mm&r=g)
On 6/29/2009 8:10 AM, Barry Warsaw wrote:
Can anybody find a reference for the semantics of X-Autogenerated? I'd be willing to add a rule for this but I'd need to find a reference.
Take a look at section 5, "The Auto-Submitted header field" of RFC 3834. (http://www.rfc-editor.org/rfc/rfc3834.txt).
I think you are meaning the "Auto-Submitted:" header and the "auto-generated" value.
Grant. . . .
![](https://secure.gravatar.com/avatar/713254a8a32975b3c41d0f679628df85.jpg?s=120&d=mm&r=g)
(Sorry, forgot to include this.)
On 6/29/2009 8:10 AM, Barry Warsaw wrote:
If it's replying to message with a Precedence: header (and any value) it's broken.
You may want to take a look at section 3.9, "Quality information" of RFC 2076 (http://www.rfc-editor.org/rfc/rfc2076.txt).
Grant. . . .
![](https://secure.gravatar.com/avatar/334b870d5b26878a79b2dc4cfcc500bc.jpg?s=120&d=mm&r=g)
Barry Warsaw writes:
Amusingly enough, the most recent update of 2076 (see http://people.dsv.su.se/~jpalme/ietf/mail-headers/mail-headers.html) remarks that "more problems with Precedence" were added in its changes documentation. :-)
![](https://secure.gravatar.com/avatar/5fb8e5a1596efa01374ffabe734cacec.jpg?s=120&d=mm&r=g)
On Jun 28, 2009, at 5:34 PM, Karl Zander wrote:
This particular autoresponder is not known to be broken.
It's a bit dated, but I have a rant about broken autoresponder here:
http://goldmark.org/netrants/auto-resp/
As others have said, if an autoresponder is responding repeatedly to
the same address in the course of a few days it is certainly behaving
badly. Lotus Notes and Exchange autoresponders should not be allowed
near the Internet.
I remove people from lists, sending a note to them and their
postmaster saying that as long as they use broken autoresponders they
should not join any Internet email discussion lists.
-j
-- Jeffrey Goldberg http://www.goldmark.org/jeff/
![](https://secure.gravatar.com/avatar/de4632b78ba00436a9b77ed0d6ea8877.jpg?s=120&d=mm&r=g)
On Sat, Aug 01, 2009 at 03:43:40PM -0500, Jeffrey Goldberg wrote:
That's quite a nice summary, IMO.
I'd rewrite that last part to: "Lotus Notes and poorly-setup Microsoft Exchange installations should not be allowed near the Internet."
(I have been known to do Exchange consultancy, but I do have a clue regarding RFCs, mail-delivery, and amn't from the point-and-click "set-up a Mail Server" school of practice.)
I'm not ~usually~ that mean: I tend to un-sub people, or set their addresses to moderated: a few people don't realize how broken their "approach" is. (I don't always see those messages: through filtering, I attempt to ditch 'out of office' type messages.)
-- ``Freedom of the press in Britain means freedom to print such of the proprietor's prejudices as the advertisers don't object to.'' (Hannen Swaffer)
![](https://secure.gravatar.com/avatar/334b870d5b26878a79b2dc4cfcc500bc.jpg?s=120&d=mm&r=g)
Adam McGreggor writes:
I'm not sure that's acceptable. People might be tempted to think that MCSE + CCNA qualify one to do better than "poorly set up" a mail server. :-/
"approach" is. (I don't always see those messages: through filtering, I attempt to ditch 'out of office' type messages.)
My butt has been saved (from Usenet-style flaming, not corporate-style firing) on a number of occasions by the practice of making my personal filter a subset of the rules used on my lists. I realize for various reasons that's not always feasible, but it's a good rule of thumb to start with.
participants (10)
-
Adam McGreggor
-
Barry Warsaw
-
Barry Warsaw
-
Brad Rogers
-
Grant Taylor
-
Jeffrey Goldberg
-
Karl Zander
-
Mark Sapiro
-
Matthias Schmidt
-
Stephen J. Turnbull