Path: utzoo!attcan!uunet!husc6!bloom-beacon!mit-vax!mit-eddie!rutgers!aramis.rutgers.edu!porthos.rutgers.edu!webber From: webber@porthos.rutgers.edu (Bob Webber) Newsgroups: news.admin Subject: Re: sendsys Message-ID: Date: 23 Jun 88 00:22:27 GMT References: <710@vsi1.UUCP> Organization: Rutgers Univ., New Brunswick, N.J. Lines: 56 In article <710@vsi1.UUCP>, lmb@vsi1.UUCP (Larry Blair) writes: > Hey, I received 4 of these sendsys messages from webber. Up until now, I > considered this guy to be an amusing, but harmless part of USENET. Now, with > his counterfeit messages and flooding the net with "sendsys", he is beginning > to become expensive. If one of our users acted like this, he would no longer > have access to Usenet (at least through our machine). Well, Mel, the ball's > in your court. Are you going to allow this "JJ" to continue? Mel is out at USENIX, of course. Indeed, a number of our systems staff are out at USENIX (although a few stayed back so they could go to interesting conferences instead). I have never posted a counterfeit message although I have assumed a different From: line when speaking as ``official representative of the backbone'' (so that people don't confuse those with my regular postings). Also, I have NEVER sent out a sendsys request. The uselessness of such data was adequately demonstrated when one was sent out by page@lowell (sp?) to try and determine the scope of the alt.* net sometime within the past year. However, since it is piling up, I will take a look at it some time, just to see how it corresponds to the auditron data. Considering the Message Id of the message and the Organization listed, I sort of get the feeling that the person who sent it out didn't expect anyone to actually think I sent it. Probably just thought it would be amusing to send a ton of mail with minimal likelihood of exposure. Of course, since the mail is exceptionally stereotyped and I have a reasonable amount of computer resources that I can expend on the handling of such stuff, the inconvenience to me has been minimal. The inconvenience to those handling mail near rutgers (both incoming sendsys and outgoing automatic reminders that the faculty aliases on rutgers.edu are going away) may be enough that someone will start collecting log files. On the other hand, considering the volume of mail that normally passes thru rutgers, this silliness may not cause much effect locally. One person has mentioned that it is generating some transatlantic flow, so who knows? Someone might even fix the software, but I don't recall hearing that that happened after the misc.test digest fiasco, so I don't hold out much in the way of hope in this case. ------ BOB (webber@athos.rutgers.edu ; rutgers!athos.rutgers.edu!webber) p.s., As you can imagine, I currenty don't read any of the mail coming from addresses such as nobody@, daemon@, news@, root@, guest@, ..., which different people have configured their system to be the sender of these sendsys messages. So if you are sending me a message to flame about it all, the odds are high I will never read it unless you send it from an account that has a ``real-looking'' user name. p.p.s., If you have any bright ideas about how to track down where this initiated, I am all ears. It does not appear to have originated at any computers within the rutgers internal network. p.p.p.s., Actually I do have some sympathy for people who are thoughtlessly reacting to the sendsys request without looking at it closer first. When I first heard of it, I managed to change my password on all the local systems before I realized that it ``claimed'' to have come from a machine I don't even have an account on, i.e., rutgers.edu.