Closed
Bug 297673
Opened 19 years ago
Closed 1 year ago
Auto-Reply : Implement proper behavior to avoid loops (precedence header)
Categories
(MailNews Core :: Backend, defect)
MailNews Core
Backend
Tracking
(Not tracked)
RESOLVED
DUPLICATE
of bug 904461
People
(Reporter: jmdesp, Unassigned)
References
(Depends on 1 open bug)
Details
When we auto-reply, we should take proper measures to avoid loops. The most commonly used method in the wild is through the use of the Precedence header. We should never auto-reply to a message that has a Precedence header with a value of 'list', 'bulk', or 'junk'. The "Precedence: list" header is not a standardised header, and RFC2076/"the draft to update it" have some warning against it. (that draft here : http://www.dsv.su.se/~jpalme/ietf/mail-headers/mail-headers.html) Still most any mailing list includes it (including the IETF mailing-lists), and make it the most robust method for mailing-list loop control. It think it could be better to insert the Precedence header in email that we send automatically in order to avoid non mailing-list related loops, but that might be a more debatable point. rfc 3834 "Recommendations for Automatic Responses to Electronic Mail" has useful indications, even if we can't implement everything it suggests : [...] For instance, if the subject message contained a Precedence header field [I4.RFC2076] with a value of "list" the responder might guess that the traffic had arrived from a mailing list, and would not respond if the response were only intended for personal messages. For similar reasons, a responder MAY ignore any subject message with a List-* field [I5.RFC2369]. [...] 3.1.8. Precedence field A response MAY include a Precedence field [I4.RFC2076] in order to discourage responses from some kinds of responders which predate this specification. [...] Note that RFC 3834 does not discourage it at all, and explicitely allows if not recommend it, which seems a lot more coherent with the actual usage than RFC 2076.
Comment 1•19 years ago
|
||
Also, when we should set the Auto-Submitted header, like "Auto-Submitted: auto-replied" according to RFC 3834. And of course avoid auto replying/forwarding of such mails.
Comment 2•19 years ago
|
||
I see this behavior as something that should be coded manually by the filter writer. (We can already filter on "Precedence" or any other header in incoming mail messages by using the Customize option in the Create New Filter dialog, and presumably the fix for bug 11034 will include the ability to set any header in the outgoing auto-reply message.) Hard-coding it in Mozilla would give spam-senders the ability to defeat the auto-reply mechanism by putting in a header that will make Mozilla refuse to send an auto-reply. In my view that is the greater danger. The right way to prevent loops is to put in help text encouraging use of the Precedence header as in the Description of this bug, and possibly to bury the auto-reply capability where casual users won't find it. Therefore I oppose this bug.
Reporter | ||
Comment 3•19 years ago
|
||
(In reply to comment #2) > I see this behavior as something that should be coded manually by the filter > writer. We don't want to depend on the user making a manual operation that most people don't know anything about. I'd agree on a hidden option to disable it. > Hard-coding it in Mozilla would give spam-senders the ability to defeat the > auto-reply mechanism by putting in a header that will make Mozilla refuse to > send an auto-reply. You really believe in fighting spam by sending a bounce ? Some abuse service see trying to do that as an abuse itself, because if you fake your ISP bounce, they are the one who will get bounces back for the false spammer adresses. Anyway that would be bug 109930, not 11034. If bug 109930 is solved, it could be through a method that doesn't take into account the Precedence and Auto-Submitted headers. You'd either select the action Reply that respects Precedence/Auto-Submitted, or the action Bounce that doesn't.
Assignee: nobody → bienvenu
Comment 4•16 years ago
|
||
See among others at http://www.spamcop.net/fom-serve/cache/329.html a detailed explanation of the contribution of various kinds of "auto-replies" to the spam problem, and how to avoid that contribution by replacing auto-replying by better procedures. Remember that nothing is easier than using a counterfeit "From" address (I could explain you in one minute how to do it with plain-vanilla Thunderbird), and that no one uses that possibility more extensively than spammers.
Updated•16 years ago
|
Assignee: bienvenu → nobody
QA Contact: backend
Assignee | ||
Updated•16 years ago
|
Product: Core → MailNews Core
Magnus, is this solved by bug 904458 ?
Comment 6•10 years ago
|
||
No, but bug 904461 would improve it (maybe for most cases even), and perhaps later we could build on it to fix this fully. The problem is that the needed headers would not be easily accessible atm.
Updated•2 years ago
|
Severity: normal → S3
Updated•1 year ago
|
You need to log in
before you can comment on or make changes to this bug.
Description
•