Bounce loops caused by autoresponders

Hi,

This problem is technically one caused by bad auto-responding systems
from “outsiders” but we’re wondering if there’s a way to handle this
inside of RT…

What happened was an external address user@foo.com emailed a queue that
allows meta-group Everyone to create/reply to tickets. Our OnCreate
Scrip sent back a “thank you for your submission” to that user.

Unfortunately, they then routed that to user2@foo2.org which sent back an
autoresponse to us saying thank you. That auto-response went back to
the queue, was entered into the ticket and since another Scrip has a
NotifyAllWatchers on Correspondence, RT saw this as a new address, a new
watcher, and sent the message from user2@foo2.org back to user@foo.com,
which forwarded to user2@foo2.org and so on and so forth.

This happened 244 times, then for some reason stopped (nothing we did,
it happened fairly late on a Friday night).

So, the question is, is there anything that we can do inside of RT to
help catch these? I can’t see anything obvious, because as far as RT
sees, it’s all new correspondence from two legitimate watchers – other
than restricting Watcher status or changing the ACL so that Replies can
only be sent by a named Requestor/Watcher (rather than “Everyone”),
there may not be any obvious solutions.

Perhaps some way of counting “Re: Re: Re:” in Subject lines?

Any suggestions appreciated!

Thanks,

Scott

“Scott A. McIntyre” scott@xs4all.nl writes:

What happened was an external address user@foo.com emailed a queue that
allows meta-group Everyone to create/reply to tickets. Our OnCreate
Scrip sent back a “thank you for your submission” to that user.

We are considering to use the “Comment” address for external users
only (and do not set Reply-To: on outgoing RT messages). The "Reply"
address will be reserved for our personnel. (So it’s quite the
opposite of what people usually do.)

Such a setup makes much more sense to me anyway, and quite a lot of
problems go away, including trouble with autoresponders.

Has anybody tried this reversed setup? Is there something I’m
missing, or is it really much better in every regard? :wink:

Florian Weimer Weimer@CERT.Uni-Stuttgart.DE
University of Stuttgart http://CERT.Uni-Stuttgart.DE/people/fw/
RUS-CERT +49-711-685-5973/fax +49-711-685-5898

This problem is technically one caused by bad auto-responding systems
from “outsiders” but we’re wondering if there’s a way to handle this
inside of RT…

In my opinion, anything that contributes to a mailing loop is a Bad
Thing™.

Unfortunately, they then routed that to user2@foo2.org which sent back an
autoresponse to us saying thank you. That auto-response went back to
the queue, was entered into the ticket and since another Scrip has a
NotifyAllWatchers on Correspondence, RT saw this as a new address, a new
watcher, and sent the message from user2@foo2.org back to user@foo.com,
which forwarded to user2@foo2.org and so on and so forth.

The solution that I use is a more generic one, consisting of two Scrips.
The first Scrip places a magic string in the User’s comment field if they
have sent more than [number] mails in the last [time period] to the RT
system. If they have sent less than [2nd number] in the last [time
period], the magic string is removed from their comment field.

The second Scrip squelches the mail out of the transaction (currently only
autoreply) if the magic string is present in the User’s comment field.

This has so far worked for my installation, not that we have much traffic
through it :wink:

Both UpdateSquelch and AutoReplySquelch should be in
http://www.fsck.com/pub/rt/contrib/2.0 .

Regards,

                         Bruce Campbell                            RIPE
               Systems/Network Engineer                             NCC
             www.ripe.net - PGP562C8B1B                      Operations