This problem is technically one caused by bad auto-responding systems
from “outsiders” but we’re wondering if there’s a way to handle this
inside of RT…
What happened was an external address email@example.com emailed a queue that
allows meta-group Everyone to create/reply to tickets. Our OnCreate
Scrip sent back a “thank you for your submission” to that user.
Unfortunately, they then routed that to firstname.lastname@example.org which sent back an
autoresponse to us saying thank you. That auto-response went back to
the queue, was entered into the ticket and since another Scrip has a
NotifyAllWatchers on Correspondence, RT saw this as a new address, a new
watcher, and sent the message from email@example.com back to firstname.lastname@example.org,
which forwarded to email@example.com and so on and so forth.
This happened 244 times, then for some reason stopped (nothing we did,
it happened fairly late on a Friday night).
So, the question is, is there anything that we can do inside of RT to
help catch these? I can’t see anything obvious, because as far as RT
sees, it’s all new correspondence from two legitimate watchers – other
than restricting Watcher status or changing the ACL so that Replies can
only be sent by a named Requestor/Watcher (rather than “Everyone”),
there may not be any obvious solutions.
Perhaps some way of counting “Re: Re: Re:” in Subject lines?
Any suggestions appreciated!