Email loop

Last updated February 24, 2023

An email loop is an infinite loop phenomenon, resulting from mail servers, scripts, or email clients that generate automatic replies or responses. If one such automatic response triggers another automatic response on the other side, an email loop is created. The process can continue until one mailbox is full or reaches its mail sending limit. In theory, the email loop could last indefinitely. Email loops may be caused accidentally or maliciously, causing denial of service. Although rare, email loops involving more than two participants can also occur.

Costs of an email loop

Bandwidth: Email loops use up limited bandwidth over networks.
Processing time: Email loops will take up processing time, and could slow down other processes.
Disk space: Automatic emails are usually stored in the mailboxes of participants.
Human time: Network administrators may have to intervene to fix the problem, or clean up mailboxes. Also the mailbox user/owner will have to delete the numerous responses in order to clean up the mailbox.
Reputation damage: If an internet loop involves a large number of people, it can result in reputational damage for the organization. Recipients of the loop may perceive it as spam, which can damage the sender's reputation and result in future emails being filtered to spam folders.
Security risks: An internet loop can also pose a security risk if it involves sensitive information. For example, if an email containing confidential information is caught in a loop, it can be sent to unintended recipients, resulting in a data breach.
Legal liabilities: In some cases, an internet loop can result in legal liabilities. For instance, if an email containing defamatory or discriminatory language is caught in a loop, it can result in a lawsuit.
Productivity loss: An internet loop can cause significant productivity loss for both individuals and organizations. For example, if an employee's mailbox is inundated with looped emails, it can take a significant amount of time to delete them, resulting in lost productivity.
Resource consumption: An internet loop can consume a significant amount of resources, including bandwidth, processing time, and disk space. This can result in slower network speeds, decreased system performance, and increased storage costs.

Causes

Autoresponders, such as automatic "on vacation" replies
Email bounces due to, for example, exceeding the inbox disk quota
Replies to indicate that that mail has been delivered
Replies to email read-receipts
Misconfigured email servers that try to deliver messages to systems that pass the message along to another host, with a loop leading in a circle. (Modern mail systems will detect mail forwarded back and forth between two hosts, but a routing loop involving three hosts is much harder to detect.)

Prevention

The mail system should retain headers of incoming email while performing any type of auto-forwarding operation.
Auto Responder: Do not send more than 'x' replies to the same sender.
Headers hinting at auto-responders, like X-Auto-Response-Suppress: All (Microsoft Exchange^[1]) or Auto-Submitted: auto-generated (RFC 3834 ^[2])

Related Research Articles

Electronic mail is a method of exchanging messages ("mail") between people using electronic devices. Email was thus conceived as the electronic (digital) version of, or counterpart to, mail, at a time when "mail" meant only physical mail. Email has become such a ubiquitous communication medium to the point that in current use, an email address is often treated as a basic and necessary part of many processes in business, commerce, government, education, entertainment, and other spheres of daily life in most countries.

The Simple Mail Transfer Protocol (SMTP) is an Internet standard communication protocol for electronic mail transmission. Mail servers and other message transfer agents use SMTP to send and receive mail messages. User-level email clients typically use SMTP only for sending messages to a mail server for relaying, and typically submit outgoing email to the mail server on port 587 or 465 per RFC 8314. For retrieving messages, IMAP is standard, but proprietary servers also often implement proprietary protocols, e.g., Exchange ActiveSync.

<span class="mw-page-title-main">Open mail relay</span>

An open mail relay is a Simple Mail Transfer Protocol (SMTP) server configured in such a way that it allows anyone on the Internet to send e-mail through it, not just mail destined to or originating from known users. This used to be the default configuration in many mail servers; indeed, it was the way the Internet was initially set up, but open mail relays have become unpopular because of their exploitation by spammers and worms. Many relays were closed, or were placed on blacklists by other servers.

An email client, email reader or, more formally, message user agent (MUA) or mail user agent is a computer program used to access and manage a user's email.

An email address identifies an email box to which messages are delivered. While early messaging systems used a variety of formats for addressing, today, email addresses follow a set of specific rules originally standardized by the Internet Engineering Task Force (IETF) in the 1980s, and updated by RFC 5322 and 6854. The term email address in this article refers to just the addr-spec in Section 3.4 of RFC 5322. The RFC defines address more broadly as either a mailbox or group. A mailbox value can be either a name-addr, which contains a display-name and addr-spec, or the more common addr-spec alone.

Various anti-spam techniques are used to prevent email spam.

Sender Policy Framework (SPF) is an email authentication method designed to detect forging sender addresses during the delivery of the email. SPF alone, though, is limited to detecting a forged sender claim in the envelope of the email, which is used when the mail gets bounced. Only in combination with DMARC can it be used to detect the forging of the visible sender in emails, a technique often used in phishing and email spam.

A Joe job is a spamming technique that sends out unsolicited e-mails using spoofed sender data. Early Joe jobs aimed at tarnishing the reputation of the apparent sender or inducing the recipients to take action against them, but they are now typically used by commercial spammers to conceal the true origin of their messages and to trick recipients into opening emails apparently coming from a trusted source.

Greylisting is a method of defending e-mail users against spam. A mail transfer agent (MTA) using greylisting will "temporarily reject" any email from a sender it does not recognize. If the mail is legitimate, the originating server will try again after a delay, and if sufficient time has elapsed, the email will be accepted.

A bounce message or just "bounce" is an automated message from an email system, informing the sender of a previous message that the message has not been delivered. The original message is said to have "bounced".

Email filtering is the processing of email to organize it according to specified criteria. The term can apply to the intervention of human intelligence, but most often refers to the automatic processing of messages at an SMTP server, possibly applying anti-spam techniques. Filtering can be applied to incoming emails as well as to outgoing ones.

The Sender Rewriting Scheme (SRS) is a scheme for bypassing the Sender Policy Framework's (SPF) methods of preventing forged sender addresses. Forging a sender address is also known as email spoofing.

<span class="mw-page-title-main">Email spoofing</span> Creating email spam or phishing messages with a forged sender identity or address

Email spoofing is the creation of email messages with a forged sender address. The term applies to email purporting to be from an address which is not actually the sender's; mail sent in reply to that address may bounce or be delivered to an unrelated party whose identity has been faked. Disposable email address or "masked" email is a different topic, providing a masked email address that is not the user's normal address, which is not disclosed, but forwards mail sent to it to the user's real address.

A challenge–response system is a type of spam filter that automatically sends a reply with a challenge to the (alleged) sender of an incoming e-mail. It was originally designed in 1997 by Stan Weatherby, and was called Email Verification. In this reply, the purported sender is asked to perform some action to assure delivery of the original message, which would otherwise not be delivered. The action to perform typically takes relatively little effort to do once, but great effort to perform in large numbers. This effectively filters out spammers. Challenge–response systems only need to send challenges to unknown senders. Senders that have previously performed the challenging action, or who have previously been sent e-mail(s) to, would be automatically whitelisted.

Email forwarding generically refers to the operation of re-sending an email message delivered to one email address to one or more different email addresses.

An email alias is simply a forwarding email address. The term alias expansion is sometimes used to indicate a specific mode of email forwarding, thereby implying a more generic meaning of the term email alias as an address that is forwarded in a simplistic fashion.

Backscatter is incorrectly automated bounce messages sent by mail servers, typically as a side effect of incoming spam.

A feedback loop (FBL), sometimes called a complaint feedback loop, is an inter-organizational form of feedback by which a mailbox provider (MP) forwards the complaints originating from their users to the sender's organizations. MPs can receive users' complaints by placing report spam buttons on their webmail pages, or in their email client, or via help desks. The message sender's organization, often an email service provider, has to come to an agreement with each MP from which they want to collect users' complaints.

Spam reporting, more properly called abuse reporting, is the action of designating electronic messages as abusive for reporting to an authority so that they can be dealt with. Reported messages can be email messages, blog comments, or any kind of spam.

People tend to be much less bothered by spam slipping through filters into their mail box, than having desired e-mail ("ham") blocked. Trying to balance false negatives vs false positives is critical for a successful anti-spam system. As servers are not able to block all spam there are some tools for individual users to help control over this balance.

References

↑ "Developer tools, technical documentation and coding examples".
↑ Moore, Keith (August 2004). "Recommendations for Automatic Responses to Electronic Mail".

External links

This Internet-related article is a stub. You can help Wikipedia by expanding it.

This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.

[1] "Developer tools, technical documentation and coding examples".

[2] Moore, Keith (August 2004). "Recommendations for Automatic Responses to Electronic Mail".

[1]

[2]