When auto-replies attack

A growing number of web apps today are letting you use email to post messages and comments back to the application. For instance, Basecamp lets you reply back to a message via email and it will show up as a comment. Similar stuff happens with Drupal, ActiveCollab, and dozens of other content-driven web apps. You’ve seen it before:

— Reply above this line to add a comment —

Well, recently we added this feature to DoneDone. Every time you comment on an issue, the other person working on it will get emailed. Users can then reply to a comment via email on an existing issue by replying “above the line”. On our servers, we run a scheduled sweeper that runs every 5 minutes. It looks at all incoming emails, decrypts metadata from the generated reply-to email address to figure out what to do with it, and then shoves all the content above the “reply above this line” bit into a comment.

If the sweeper doesn’t see the “reply above this line” bit (perhaps someone deleted it accidentally), it just submits the whole email body into the database. Then, the original commenter gets emailed that a new comment’s been posted. I imagine most other apps do it a similar way.

Today, we found some odd behavior. One of our issues would get updated with an auto-reply comment every 5th minute (Craig’s currently out of the office and has his auto-reply on):

OK, we get that auto-reply would present its issues. If I send a comment to someone who’s out-of-office, his auto-replied email would get swept up by our sweeper and insert an inadvertent comment back into DoneDone. But, why was this happening every 5 minutes?

Turns out, for this particular issue, both parties on the issue were out of office today. So, after Craig’s email client auto-replied to DoneDone, the sweeper picked it up, inserted the comment, and then rightfully emailed Lisa, the other person on this issue, that Craig posted a comment. Lisa’s email client got the message, and auto-replied to DoneDone. Our sweeper picked it up, attempted to insert the comment and then emailed Craig that a new comment was posted. Then, Craig’s email client auto-replied back to DoneDone, the sweeper picked it up and…

This vicious cycle continued for 45 minutes until Lisa checked her email and contacted us.

BTW, we didn’t see Lisa’s auto-reply comments on this issue because of a separate bug not relevant to this post. But, it got me to thinking…this kind of infinite looping must have happened before on all these other web apps that do this kinda email thing and I’m not sure we’ve all fixed the issue.

A couple quick remedies we’ve been thinking about:

  1. Our email sweeper now skips (and deletes) emails where the “reply above this line” bit is missing. Since the vast majority of auto-replies don’t quote the email they’re replying to, this will take care of most auto-replies. They’ll get skipped since the “reply above this line” verbiage will be missing.
  2. We could also have our email sweeper check for an X-Loop in the email headers – which is typically sent for auto-reply emails. But, not all email clients do this, so it’s not entirely reliable.
  3. To prevent the infinite ping-pong, we could sense if the same body is being sent across from the same email address (which would likely indicate an auto-reply) and then exclude future emails from processing through the sweeper. Seems like this might introduce other limitations and throttling the “strictness” of this logic would be arbitrary (e.g. Stop processing after the Xth time you get the same email? Restrict further comments from this email address after Y number of hours?)
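
The three remedies above combined into one filter, as an added example that is not DoneDone's own code. It goes beyond the post by also checking the `Auto-Submitted` (RFC 3834) and `Precedence` headers next to `X-Loop`; the marker text, the addresses, the sample messages and the `MAX_REPEATS` threshold are assumptions.

```python
import hashlib
from collections import Counter
from email import message_from_string
from email.utils import parseaddr

MARKER = "Reply above this line to add a comment"
MAX_REPEATS = 2  # assumed threshold; the post leaves this value open


def classify(raw, seen):
    """Return (accept, detail); `seen` is a Counter kept across sweeps."""
    msg = message_from_string(raw)
    # Remedy 2: X-Loop is from the post; the other two headers are added here.
    if msg.get("X-Loop"):
        return False, "x-loop"
    if msg.get("Auto-Submitted", "no").strip().lower() != "no":
        return False, "auto-submitted"
    if msg.get("Precedence", "").strip().lower() in {"bulk", "junk", "auto_reply"}:
        return False, "precedence"
    # Remedy 1: no marker means no trusted boundary, so skip the message.
    part = next((p for p in msg.walk() if p.get_content_type() == "text/plain"), None)
    body = part.get_payload() if part is not None else ""
    if MARKER not in body:
        return False, "no-marker"
    comment = body.split(MARKER, 1)[0].rstrip("-\u2014 \r\n\t").strip()
    # Remedy 3: the same comment text from the same sender, counted by hash.
    sender = parseaddr(msg.get("From", ""))[1].lower()
    key = hashlib.sha256(f"{sender}\n{comment}".encode()).hexdigest()
    seen[key] += 1
    if seen[key] > MAX_REPEATS:
        return False, "repeat"
    return True, comment


def make(sender, text, extra=""):
    """Build a constructed sample message (not real DoneDone traffic)."""
    return f"From: {sender}\nTo: reply@tracker.example\n{extra}\n{text}\n"


QUOTED = f"\n-- {MARKER} --\nLisa commented on issue 12"
HUMAN = make("lisa@example.com", "Looks fixed to me." + QUOTED)
BARE_OOO = make("craig@example.com", "I am out of the office.")
LOOP_OOO = make("craig@example.com", "I am out." + QUOTED, "X-Loop: craig@example.com\n")
QUOTING_OOO = make("craig@example.com", "I am out of the office." + QUOTED)

if __name__ == "__main__":
    seen = Counter()
    for raw in (HUMAN, BARE_OOO, LOOP_OOO, QUOTING_OOO, QUOTING_OOO, QUOTING_OOO):
        print(classify(raw, seen))
```

The last sample is the case the first two remedies miss: an auto-reply that quotes the notification and sets no telltale header is accepted until the repeat counter trips, so the loop is bounded rather than prevented.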

We’d love to know if anyone else has encountered this problem either from an end user or programmer’s perspective. How did you resolve it?