"You've reached the inbox of Mike Jamison. I'm out of the office touring SE
Asia for the next two months. Contact Jim Standin at 222-555-1212."

That tells a potentially nefarious person that someone's house is empty and
unattended for two months. It also tells him the name and phone number of an
internal person. With the latter he could maybe concoct a good lie and
manipulate the person into giving him something he shouldn't have (like
'would you reset my password?').

----- Original Message -----
From: "Andersson Mikael (SIX)" <[EMAIL PROTECTED]>
To: "Exchange Discussions" <[EMAIL PROTECTED]>
Sent: Friday, March 22, 2002 9:20 AM
Subject: RE: Ouf Of Office


> What kind of security risk from a human engineering standpoint do you
mean?
>
> -----Original Message-----
> From: Chris Scharff [mailto:[EMAIL PROTECTED]]
> Sent: den 21 mars 2002 20:42
> To: Exchange Discussions
> Subject: RE: Ouf Of Office
>
>
> It does, but that doesn't mean it couldn't induce a mail loop. Imagine a
> help desk ticketing system which uses a unique e-mail address for every
> e-mail message received and autoreplies to the sender.
>
> More importantly is a security risk from a human engineering standpoint.
>
> > -----Original Message-----
> > From: Andersson Mikael (SIX) [mailto:[EMAIL PROTECTED]]
> > Sent: Thursday, March 21, 2002 4:24 AM
> > To: Exchange Discussions
> > Subject: Ouf Of Office
> >
> >
> > Does Out Of Office responses to the internet really loop?
> >
> > I believed that OOF only replied once to every mailaddress!?
> > Anyone who knows for sure?
>
> _________________________________________________________________
> List posting FAQ:       http://www.swinc.com/resource/exch_faq.htm
> Archives:               http://www.swynk.com/sitesearch/search.asp
> To unsubscribe:         mailto:[EMAIL PROTECTED]
> Exchange List admin:    [EMAIL PROTECTED]
>
> _________________________________________________________________
> List posting FAQ:       http://www.swinc.com/resource/exch_faq.htm
> Archives:               http://www.swynk.com/sitesearch/search.asp
> To unsubscribe:         mailto:[EMAIL PROTECTED]
> Exchange List admin:    [EMAIL PROTECTED]
>

_________________________________________________________________
List posting FAQ:       http://www.swinc.com/resource/exch_faq.htm
Archives:               http://www.swynk.com/sitesearch/search.asp
To unsubscribe:         mailto:[EMAIL PROTECTED]
Exchange List admin:    [EMAIL PROTECTED]

Reply via email to