Out of Office AutoReply: Way OT: SMTP/POP/IMAP (Whole mailserver, actually) redundancy

[Jason Balicki]

Turn off your vacation auto-reply, or configure it to not send mail
to mailing lists.

It is a HUGE security risk to you, and annoying to people who
actually PARTICIPATE in mailing lists as opposed to just lurking.

Do you know how annoying it is to have hundreds of list users tell
me that they're on vacation when I DON'T KNOW THEM AND I DON'T CARE?

Also, now anyone who sends a message to this mailing list
is going to know that you're on vacation and not watching
your stuff.  Consider the following scenario:

Bad guy: "Hi, I know <this guy's> out today, but he had
mentioned that I could do some maintenance for him, problem
is I forgot <some piece of information that can be wheedled
from your cow-orker and used to gain unauthorized access>
could you tell me what that was again?"

Your cow-orker:  "Yeah, sure, if you know <this guy>, here's
the <password | PIN | dress size>."

Since you've probably given your phone number, alternate
contact, etc, it makes it that much easier for an attacker
to socially engineer information out of your cow-orkers.

This has been a form letter.  Be aware that I'm equally annoyed
by each and every "Out of Office" message I receive.

--J(K)

PS:  yes, I mean "cow-orker".

------------------------ MailScanner list ------------------------
To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
'leave mailscanner' in the body of the email.
Before posting, read the MAQ (http://www.mailscanner.biz/maq/) and
the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).