Spam Generated Read Receipt?

[emel]

Situation:
A recent spam seems to have generated a read receipt, even though I have
set Outlook to "Never send a response." Is there a way to force a read
receipt, or have I misinterpreted the evidence here. If a spammer can force
a read receipt, that's a pretty bad thing.

Config:
Outlook 2002, pop3/smtp account
WIndows 2000, SP4, all security patches applied
I've also set Outlook to display all email as plain text as described in KB
article 307594 because I got tired of dealing with web bugs & such.
Preview panes are turned off.
McAfee Virus Scan 10.0.27 (with latest updates) is watching over all
incoming and outgoing messages.

The curious situation:
I received a spam message, looked at it (the plain text version), and
deleted it. Later, I received a return to sender message for the read
receipt that (I think) should not have been sent. So, it looks like this
happened:

1) Spammer ----> Spam -------> Me

The message headers for the original message (step 1) includes:
Disposition-Notification-To: "Celina Carmichael"
<[email protected]>
So, yes, the spam requested a read receipt. Yes, I obscured the domain. It
was a valid university mail server.

2) Me -------> Read receipt -------> Alleged sender

I have no record of this message except in the RTS described next. From
that, the "received from:" shows my laptop host name and IP address, so it
looks like my copy of Outlook generated the read receipt:

Received: from edslaptop (blah.blah.pa.comcast.net[nnn.nnn.123.147])
by comcast.net (sccrmhc11) with SMTP
id <2006012117220501100qq2rje>; Sat, 21 Jan 2006 17:22:05 +0000

3) Alleged sender's mail server -----> return to sender -------> Me

This was a kosher rts from the .edu mail server. The rts included the read
receipt sent in step 2.

 

[ssokolov]

Hello,

It seems that I have the same situation.
SPAM messages are getting replied by Outlook automatically regardless
of the tracking option which is set to "Ask before sending" (or
"Never", it doesn't matter). I suspect this happens when the message is
moved from Inbox to the Junk E-Mail folder. No question is asked until
I open that SPAM message in Junk E-mail folder.

I am using IMAP server.

Software:
Outlook 2003 SP2 + all updates from officeupdate.msft.com
Windows XP SP2 + all updates from windowsupdate.msft.com
ActiveSync 4.1.0

The headers of the one of the SPAM messages follow:
--------------------
Return-path: <[email protected]>
Envelope-to: #############
Delivery-date: Wed, 25 Jan 2006 00:22:34 +0600
Received: from (mail.#######) [192.168.#####]by ##### with esmtp(Exim
4.50 #1 (Gentoo Linux 1.4))id 1F1SoD-000176-Pj; Wed, 25 Jan 2006
00:22:33 +0600
Received: from [222.104.14.30] (helo=222.104.14.30)
by mail.####### with smtp (Exim 3.36 #1)
id 1F1Sop-00075G-00
for #############; Wed, 25 Jan 2006 00:23:06 +0600
Date: Tue, 24 Jan 2006 22:13:20 +0300
From: =?Windows-1251?B?0ejk7vDu4iDA7eDy7uvo6Q==?=
<[email protected]>
Disposition-Notification-To: ############# (Yes, it's again my email
address, so I see the read response!) #########
To: =?Windows-1251?B?y/7h7uL8IMzo9eDp6+7i7eA=?= <#############>
Subject:
=?Windows-1251?B?0ejk7vDu4iDA7eDy7uvo6SDK7vDv7vDg8uji7fvpIFBSIOIg0O7x8ejoIC0g8uXu?=
=?Windows-1251?B?8Oj/IOgg7/Dg6vLo6uA=?=
MIME-Version: 1.0
Content-Type: text/html; charset=Windows-1251
Content-Transfer-Encoding: 8bit
Message-Id: <E1F1Sop-00075G-00@mail.#######>
X-Antivirus-Scanned: Clean
X-Spam-Score: 15.9 (+++++++++++++++)
X-Spam-Flag: YES
--------------------

I see that similar topics have been already discussed here and there,
but as far as I discovered, guys from Microsoft tell that the issue is
fixed in recent Office 2003 Service Packs. Noticeably, I have the SP
installed, but it doesn't fix the issue.
I have re-installed Outlook and applied SP2, but no luck. I am going to
fully reinstall all office applications later this week.

I hope someone from MSFT could help me.

Thanks in advance.

 

[emel]

Is there a knowledge base article number on this? I ran a few KB searches
and didn't find anything helpful.

Thanks,
Ed

 

[odo]

It seems I have the same situation here (using Outlook 2002 SP3)
I tracked what is happening and found out that Outlooks sends email without
me knowing ( regardless of the tracking option which is set to "Ask before
sending"). if the following simple conditions are met:
1. Incoming message header has “Disposition-Notification-To†field.
2. Filtering rule has been set up to move this message to Deleted Items folder

So I have set up a filter that moves spam to Deleted Items, now if this
spammer has set up “Disposition-Notification-To: (e-mail address removed)†then
(e-mail address removed) gets mail from me confirming that I read the message,
although I did not. But what worries me that this spammer for sure knows now
that this is a working e-mail address and I probably keep getting some more
sh*t from them soon. I wouldn’t call this security hole, but I’d definitely
call it a bug as I send mail without wanting to do so myself. So Bill are you
reading this? Patch needed urgently!!

o.