Haunted email servers

By | July 13, 2007

I think there must be ghosts haunting the world’s email servers this week or something, because in the few days, I’ve had three different surreal email incidents.

Exhibit A: Speakeasy

On Wedneday, July 11, I received email from Speakeasy’s (my ISP’s) ticket tracking system about a support ticket I’d previously filed with them. The problem is, it was a support ticket I’d filed over a year ago, in April 2006, and the email I received on July 11 is one that I’d already received on April 23, 2006. Here’s the (edited) header of the message I received:

Received: from mail8.sea5.speakeasy.net (mail8.sea5.speakeasy.net [69.17.117.10])
	by jik2.kamens.brookline.ma.us (8.14.1/8.14.0) with ESMTP id l6BHoEhu005493
	for ; Wed, 11 Jul 2007 13:50:14 -0400
Received: from moses1.sea5.speakeasy.net ([72.1.141.162])
          (envelope-sender )
          by mail8.sea5.speakeasy.net (qmail-ldap-1.03) with AES256-SHA encrypted SMTP
          for ; 11 Jul 2007 17:50:08 -0000
Received: from moses1.sea5.speakeasy.net (localhost [127.0.0.1])
	by moses1.sea5.speakeasy.net (8.13.1/8.13.1/Debian-13) with ESMTP id k3O3JDL5029329
	(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT);
	Sun, 23 Apr 2006 20:19:13 -0700
Received: (from apache@localhost)
	by moses1.sea5.speakeasy.net (8.13.1/8.13.1/Debian-13) id k3O3JD0d011413;
	Sun, 23 Apr 2006 20:19:13 -0700
From: support@speakeasy.net
To: jik@speakeasy.net
Cc: jik@kamens.brookline.ma.us
Date: Sun, 23 Apr 2006 20:19:13 -0700 (PDT)
Subject: [ Speakeasy ] Service Ticket Update for Ticket 1170408

Check out the time gap between the second and third “Received” lines! I contacted Speakeasy’s support department about this, and they said, “Our Network Operations team is aware of an issue where some notifications are being intermittently sent again to a few customers for closed tickets. You can disregard this message that was already sent more than a year ago, as Network Operations is currently investigating and working towards a resolution of this issue.”

Exhibit B: Amazon.com

On July 11, I received an email message from Amazon with the subject line “Amazon.com Password Assistance”. This message claimed to have been sent to me because I clicked the “Forgot password” link on the Web site. The problem is, I didn’t — I hadn’t gone anywhere near Amazon in weeks when this message came in.

I’m smart enough to realize that most messages that look like this are phishing attempts, to I delved into the raw message data and confirmed that it had, indeed, come directly from Amazon. I further confirmed this by actually going to Amazon and clicking on the “Forgot password” link, and then verifying that the second message I received at my own request matched the first one. I received a second unsolicited “Password Assistance” message about an hour after the first one, and a third about an hour and a half after the second one.

At this point I was a little nervous that somebody was requesting these “Password Assistance” messages using my email address for some nefarious purpose, e.g., snooping the network to capture the email, and then using the link in it to change my password and hijack my account. Therefore, I decided that I really needed to report the unsolicited messages to Amazon. I navigated the maze of their help system and finally reached the section where they allow people to report on their security concerns. There was no option for “Somebody’s other than me is requesting that my password be changed.” The closest thing to it was an option to report a phishing attempt, so I selected that and reported what had been happening, including a cut-and-paste of one of the “Password Assistance” messages I’d received.

I received a response from Amazon claiming that the message I’d forwarded to them hadn’t come from them. Idiots! I responded and told them to look again.

I received a second response from Amazon: “This e-mail was sent in error, and you may safely ignore it if you did not request a password change.” That doesn’t exactly inspire confidence that they’ve investigated the situation and tried to figure out why those messages were sent to me, eh? Once again: Idiots!

Exhibit C: Virgin Atlantic

This morning I received an email message from Virgin Atlantic confirming that they’d received a complaint I sent them via email. The thing is, that complaint was sent over three years ago, in November 2003, and it was resolved at the time.

Virgin Atlantic sent out a mass-mailed apology for the errant emails later the same day:

I am so sorry for any confusion we have caused by the e mail we sent out, even though you may not have contacted us recently. Our IT department have been carrying out some maintenance on our e mail system in the past 24 hours and as a result I’m afraid they inadvertently prompted it to produce a mass mailing to a number of customers who had e mailed us in the past. Please be assured that the cause of this mistake is being thoroughly investigated and action will be taken to ensure it does not happen again.

I offer my very sincere apologies

On the other hand, the respond I received from Virgin Atlantic’s Indian call center to the inquiry about the errant email I sent through their Web site was less useful:

Dear Jonathan

Thank you for your email.

I would like to inform you that the email was an automated message sent to you. You may ignore this email.

Apologies for any inconvenience this may have caused. Thank you for contacting Virgin Atlantic.

Kind Regards

[name elided]

Contact Centre Customer Services Team

I sent the “Customer Relations Manager” who sent the first email shown above that perhaps she ought to do a better job of training her “Contact Centre Customer Services Team” how to reply to inquiries about incidents like this.

I can’t remember the last time before this week I experienced even one incident of this variety, let along three in the same week!

I guess the ghosts are out in force in honor of the upcoming Harry Potter release.

Print Friendly, PDF & Email
Share

Leave a Reply

Your email address will not be published.