Path: utzoo!attcan!uunet!husc6!bloom-beacon!mit-vax!mit-eddie!rutgers!aramis.rutgers.edu!porthos.rutgers.edu!webber
From: webber@porthos.rutgers.edu (Bob Webber)
Newsgroups: news.admin
Subject: Re: sendsys
Message-ID: 
Date: 23 Jun 88 00:22:27 GMT
References:   <710@vsi1.UUCP>
Organization: Rutgers Univ., New Brunswick, N.J.
Lines: 56

In article <710@vsi1.UUCP>, lmb@vsi1.UUCP (Larry Blair) writes:
> Hey, I received 4 of these sendsys messages from webber.  Up until now, I
> considered this guy to be an amusing, but harmless part of USENET.  Now, with
> his counterfeit messages and flooding the net with "sendsys", he is beginning
> to become expensive.  If one of our users acted like this, he would no longer
> have access to Usenet (at least through our machine).  Well, Mel, the ball's
> in your court.  Are you going to allow this "JJ" to continue?

Mel is out at USENIX, of course.  Indeed, a number of our systems
staff are out at USENIX (although a few stayed back so they could go
to interesting conferences instead).  I have never posted a
counterfeit message although I have assumed a different From: line
when speaking as ``official representative of the backbone'' (so that
people don't confuse those with my regular postings).  Also, I have
NEVER sent out a sendsys request.  The uselessness of such data
was adequately demonstrated when one was sent out by page@lowell (sp?)
to try and determine the scope of the alt.* net sometime within the
past year.  However, since it is piling up, I will take a look at
it some time, just to see how it corresponds to the auditron data.

Considering the Message Id of the message and the Organization listed,
I sort of get the feeling that the person who sent it out didn't
expect anyone to actually think I sent it.  Probably just thought it
would be amusing to send a ton of mail with minimal likelihood of
exposure.  Of course, since the mail is exceptionally stereotyped and
I have a reasonable amount of computer resources that I can expend on
the handling of such stuff, the inconvenience to me has been minimal.
The inconvenience to those handling mail near rutgers (both incoming
sendsys and outgoing automatic reminders that the faculty aliases on
rutgers.edu are going away) may be enough that someone will start
collecting log files.  On the other hand, considering the volume of
mail that normally passes thru rutgers, this silliness may not cause
much effect locally.  One person has mentioned that it is generating
some transatlantic flow, so who knows?  Someone might even fix the
software, but I don't recall hearing that that happened after the
misc.test digest fiasco, so I don't hold out much in the way of hope
in this case.

------ BOB (webber@athos.rutgers.edu ; rutgers!athos.rutgers.edu!webber)

p.s., As you can imagine, I currenty don't read any of the mail coming
from addresses such as nobody@, daemon@, news@, root@, guest@, ...,
which different people have configured their system to be the sender
of these sendsys messages.  So if you are sending me a message to
flame about it all, the odds are high I will never read it unless you
send it from an account that has a ``real-looking'' user name.

p.p.s., If you have any bright ideas about how to track down where this
initiated, I am all ears.  It does not appear to have originated at any
computers within the rutgers internal network.

p.p.p.s., Actually I do have some sympathy for people who are thoughtlessly
reacting to the sendsys request without looking at it closer first.  When
I first heard of it, I managed to change my password on all the local systems
before I realized that it ``claimed'' to have come from a machine I don't even
have an account on, i.e., rutgers.edu.