Friday, 8. August 2003

DUMB: POP3 fetching to SMTP

A salutary tale for anyone who believes that it is OK to fetch email with POP, then route it through their intranet with SMTP.
I have written about the dangers of POP fetching before. Here is a real-life example of how embarrassing that can be.
A probably well-meaning but misguided spammer decided to broadcast details of an unmissable opportunity to a large number of addresses, all in the "To:" field of the message. (This looks like a breach of the UK Data Protection Act, but that's another story.)
Recipients were perplexed to find two seemingly identical copies of the spam in their in-boxes this morning. I actually went so far as to report both, as they had come from different ISPs.
A short while later, I had a reply from one ISP saying there had been an open relay and that they were dealing with it as per their AUP. Being accustomed to reading headers, I thought this odd. It hadn't looked like a third-party relay to me, so I looked again.
Digging through the labyrinth of "Received:" headers, I eventually found that one recipient of the spam was using POP3 fetching, then routing the mail over an intranet with SMTP. Of course, the POP3 fetch had destroyed the SMTP envelopes and subsequently re-created them, inferring them from the header fields "From:" and "To:".
So when the mail got to this particular recipient's intranet mail server, this server looked at all of the newly derived forward envelopes (where previously there had been only one, belonging to the local recipient) and faithfully dispatched fresh copies of the whole message to every non-local recipient. So everybody except that local recipient got two spams for the price of one.
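The envelope reconstruction described above, as an added example that is not part of the original post and not any vendor's code. The domain, the addresses and the sample message are constructed, and it assumes the provider records the original envelope recipient in a "Delivered-To:" header.

```python
from email import message_from_string
from email.utils import getaddresses

LOCAL_DOMAIN = "smallco.example"  # hypothetical intranet domain

# Constructed sample: one spam, many addresses in To:, one local recipient.
SAMPLE = """\
Delivered-To: alice@smallco.example
From: promo@bulk.example
To: alice@smallco.example, bob@other.example, carol@third.example
Subject: Unmissable opportunity

Buy now.
"""

def parse(raw):
    return message_from_string(raw)

def _addrs(msg, *fields):
    # Collect every address found in the named header fields.
    values = [v for f in fields for v in msg.get_all(f, [])]
    return [a.lower() for _, a in getaddresses(values) if a]

def is_local(addr):
    return addr.endswith("@" + LOCAL_DOMAIN)

def naive_envelope(msg):
    """The failure mode: recipients inferred from To:/Cc: after the POP3 fetch."""
    return _addrs(msg, "To", "Cc")

def safe_envelope(msg, mailbox_owner):
    """Use only a recorded envelope recipient that is local, else the mailbox owner."""
    recorded = [a for a in _addrs(msg, "Delivered-To") if is_local(a)]
    return recorded or [mailbox_owner]

def relayed_offsite(rcpts):
    """Recipients the intranet server would forward to other domains."""
    return [r for r in rcpts if not is_local(r)]

if __name__ == "__main__":
    msg = parse(SAMPLE)
    for name, rcpts in (("naive", naive_envelope(msg)),
                        ("safe", safe_envelope(msg, "alice@smallco.example"))):
        print(name, "RCPT TO:", rcpts, "| relayed off-site:", relayed_offsite(rcpts))
```

Any non-empty "relayed off-site" list for fetched mail is the rebroadcast in this story: the message had already been delivered to those people by its original envelope.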
What I want to know is this:
Who sells these POP3 fetching hacks to end users?
This wasn't really the fault of the company whose system rebroadcast the message. This was a small company, probably having no full-time IT staff, and they have bought email service from a provider who ought to know better.
There are alternatives too, so why do they do it?
I expect this particular user of POP3 fetching will be asking his provider some interesting questions about his "open relay". Oh, to be a fly on the wall...
Category: Dumb and Dumber