Last week I made an innocuous change to The Ask Leo! Newsletter, and as a result I received a flood of auto-responses delivered to my inbox.
While annoying, it was actually fairly interesting to see no less than three unexpected patterns arise.
It’s important to realize that the various types of auto-responses may not do what you think. In fact, they may be doing something else entirely.
And don’t get me started on those challenge-response spam blockers. (OK, too late…)
The change: ask-leo.com becomes askleo.com
The change was a relatively simple one: the newsletter “From:” address changed. It was from leo<at>ask-leo.com, and became from leo<at>askleo.com – note that the dash between “ask” and “leo” has been removed.
Be sure to white-list or add to your address book leo<at>askleo.com if you’re a newsletter subscriber. (Replace the <at> with @ of course.)
To be honest, it’s a change that I thought I had made long ago when I purchased askleo.com1 and elected to make it the new “primary” domain for Ask Leo!. As I was perusing my newsletter configuration the other day, I noted that the old email address was still being used. I simply removed the dash, hit save and thought nothing more of it.
Until the next newsletter went out, that is.
Then, because my inbox rules were also still set up for the old email address, I got to see all the automated responses that come back when I send a newsletter.
Oh my. There were many.
But the majority fell into three buckets.
One: hacked accounts
This surprised me quite a bit.
I received a number of auto-response messages that looked like this:
It indicates is that someone – a subscriber to the newsletter – has an “out-of-office” or “vacation auto-responder” configured to automatically send that spam out to everyone who sends him an email.
It’s typically due to either of two reasons:
- The account was hacked, and the owner no longer has control over it. The hacker set up this auto-response spam.
- The account was hacked, but the owner regained access. He just doesn’t realize that the hacker set up an auto-response spam.
Take away: check your out-of-office settings to make sure your account isn’t automatically sending spam, especially if you’ve recently been hacked.
Two: change of address
Many of the auto-responses were like this one:
My email address has changed to firstname.lastname@example.org - please update your address book.
Which is fine, I suppose, if real people get it. Unfortunately when you subscribe to a newsletter – any newsletter – or have your email registered at an online store or some other online service, it’s very likely that no one there will see this message. It was a fluke that I saw this at all.
And to be clear: like most newsletters and businesses, I get way too many of these to be able to make these kinds of changes for you. Fortunately, it’s very easy to change your email address for The Ask Leo! Newsletter. I believe it even has the side-effect, if you like, of changing or making it easy to change the email address on all subscriptions handled by the same email provider, Aweber.
Take-away: when you change your email address, it’s important that you take responsibility for changing it for all your subscriptions at the businesses and services that have the old email address. Or keep the old email address working.
Three: challenge/response spam filters
It’s no secret that I really don’t like challenge/response spam filters. Much like DRM on digital music, challenge/response auto-responses punish the innocent because of the actions of the guilty. You’re pushing your spam problem onto the legitimate people trying to email you, while not impacting the spammers one bit. That just doesn’t seem right to me.
But it’s actually worse than that. Challenge/response will cause you to miss important emails that you want to see. Mail from businesses and services, for example, will never be able to actually respond to the spam-filtering challenge auto-response because the mail they send you is almost certainly automated and never seen by a human. Registration links, purchase confirmations, activation codes – all these are sent in email – email that you may never see if you use challenge/response.
I get that spam is a problem, and using challenge/response is absolutely a choice you can make. Clearly, I just feel it’s the wrong choice. You will miss email messages sent to you.
However, since today’s change was my fault I spent a portion of my morning wading through and responding to all of the challenge/response messages I received. I hope I got them all.
Take-away: think long and hard about using challenge/response spam filters.
The rest: out of office
The majority of the rest of the messages were, in fact, actual out-of-office or vacation auto-responses.
Once again, this is up to you, but I discourage out-of-office messages for two simple reasons:
- It confirms to spammers that the email account is a live one, and that they can keep sending more spam to it.
- It confirms to people that you’re possibly away from home, and now might be a good time to stop by and break in.
The first one is common. The second, not so much, but I want to at least mention it for folks who try to stay aware of their personal security as well as their digital.
My approach to being away from my computer is to tell a few people I trust and perhaps need to know that I’ll be away and leave it at that. No auto-response at all. I’ve gone years without setting one up, and it hasn’t impacted me in the least.
Take-away: think long and hard about setting up an auto-response of any sort.