[Dshield] Exchange Open Relay
capegeo at opengroup.org
Sun Mar 5 23:05:49 GMT 2006
> Obviously there are un-intended victims in any situation where the potential
> for false positive exists. Until you become one and find out why, it may be
> hard to relate.
> I am not a fan of OoO replies, but customers want that ability. In a very
> competitive marketplace you MUST offer the same bells and whistles as your
> competitors and more if possible to flourish. By the same token, offering
> some of those options may put you at risk for BL problems. That is the gist
> of it from my seat on the bus.
I've kept quiet until now, but I can't stand it any longer . . . :-) I have
two responses wrt OoO replies. First, if I am a customer and I contact a
vendor, I /*don't*/ want an OoO reply. I wouldn't have contacted a vendor
unless I had a problem that needed to be resolved. OoO replies do not help me
solve my problem. Secondly, I subscribe to several security- and
compliance-related mailing lists. I have all but stopped actively
participating in them because of all the OoO replies I get from numbnuts who
don't turn off their OoO replies to mailing list traffic. It's been a long
time since I've been a BOFH, but I still were, every user who allow OoO
replies to /*every*/ incoming email from /*every*/ mailing list to which they
were subscribed would very shortly find themselves sans email privileges.
IMNSHO, OoO replies are at least a violation of netiquette, at worst spam
worse than the UCE.
*bracing for the onslaught of OoO replies to this posting*
More information about the list