Slashdot Mirror
Looping E-mails Beat The Net Down
Staili writes "Singapore-based women's magazine caused problems when it forwarded its mails to a large list of recipients, mainly mailing lists. In addition to security@suse.com, some help and subscribe lists were included; the type of addresses that tend to send out an automatic reply confirming receipt. And the loop was ready." I'm sure anyone who's messed with mail enough
has accidentally created a loop or two in their day, but this is really
slimey.
If a "solved" problem like email actually brought the net down... for a while. How do you get patches for a sendmail program without using the internet?
I demand a million helicopters and a DOLLAR!
My question is: Is it normal for a server to strip the headers from e-mails...
FROM THE ARTICLE: ["At savoixmagazine.com the mail headers were cut so it was almost impossible to find out where the mail originated from," said Drahtmuller. The everyday analogy is a letter stripped of its envelope that had the original return address printed on it, repackaged in a new envelope with a different return address, and forwarded on. "Usually mail loops like this are not possible with Unix systems because they always maintain the headers," he added.]
I'm not a e-mail expert, but why where those headers missing? (I did not see any reason given in the article.)
Accentuate the positive, don't waste your mod points on the negative.
And for anyone who thinks that email is a "solved" problem, should read my rant about broken autoresponders. (which is not about loops, but does cover how "solved" things can be broken).
Prime numbers are exactly what Alan Greenspan says they are -S. Minsky
back when i was a freshman in college someone managed to assemble an email list of all the students/faculty/staff. It was first used by someone outside the school to spam the entire campus, with all the addresses in the To and Cc fields, making the list available to anyone who received it. So someone attempted to sell their Chem Eng books, and you can picture the hell that broke out.
Quickly the list became nothing but people hitting reply-all and saying "knock it off!" and "get me off the list!" Of course, all those emails and addresses in the emails meant trouble for the mail server, causing mail to get delivered multiple times and DOS'ing normal mail.
It got so bad that I had about 100 emails in a five minute span at one point. It took a Dean's sending out an email to an announcements list pointing out school policy on mass mailings to stop it.
Thankfully, everyone from those trying to sell stuff to those saying "quit it!" all had to write a 500-word essay about why what they did was wrong.
The One Rule Of Chess You'll Ever Need: Don't play someone who carries a kit in their bookbag.
I am actually surprised by the number of times people send out email not knowing who will receive it or the number of people in their CC list. Most email clients don't let the end user see how much damage they have done. The goal of a developer is to give the users the power to get their job done, but so often you find people are clueless on what the power is or how to use it.
Personally, I would like to see email merge with databases. With a good relational DB, it is easy to show users what's gone through the pipe and how many emails your company has sent to a client, etc.. You can integrate the email into your CRM, etc. You can also place constraints on the system that can prevent this type of mailing list abuse that generates so much unwanted garbage.
Working with pure email clients (sendmail, exchange, whatever) seems to be like trying to fit a round cat through a square hole.
I once inherited a smallish network (70 nodes) that was using an NT box as a web gateway and mail server. It was running something called Xtramail, which is a truly bloody horrible piece of software. While I was trying to figure out how to gracefully get rid of this box (a 486 on ISDN), one of the users wanted to create a mailing list.
Ok, no problem. Read the docs, slurp this list, check these buttons, viola. One of the cute little checkboxes was "Only allow owner to send list mail." Duh - I checked it. The guy sent his email (only about 200 list members) and we went home.
I came in the next morning to 20,000 emails just in the queue. That fucker sent our tens of thousands of emails overnight, because the send restrict wasn't working. There were a couple dead addresses on the list, and they of course bounced - and Xtramail politely returned those bounces to the entire list. Wash, rinse, repeat. If that place had had a real server and a real 'net connection, it could have sent millions of emails in that time. As it was, many people on the list were (quite justifiably) pissed.
So I called up whoever owned Xtramail at that time (Artisoft at that time, but a different company now - can you say, "hot potato?") and had a slightly polite shit fit. The guy flat-out refused to acknowledge it was a problem, until I made him go through the same steps on his local copy.
Crickets.
"Uh, looks like that option isn't working. I'll have to file a bug report." Then I spent another 45 minutes trying to get accounting to refund the $200 I'd given them for the support call.
They never did fix the bug, but I gave up my plans to have a graceful transition. I pulled that POS out the same day and installed another little NT mailer, quite a nice one, until I replaced the whole thing with a qmail FreeBSD box.
No moral to the story, really ('cept I should have been more paranoid, and tested the list more). But I bet more than a few readers have had that quick "oh shit" feeling as they saw the queue filling up.
This isn't as much "normalization" as it is "don't take so many drugs when you're designing tables."
Downsizing can make anyone look retarded. When there are not enough people to do the work, the work does not get done.
Downsizing is only half the problem anyway. There are whole industries where the average age of engineers and craftsmen is around 50. Those companies have not hired waves of new people for 20 years or so, and fired many of those that were lucky enough to get on. Think that 60 year old overworked survivor really cares about training sucessors? Nope, they are looking for a package and will give the job to you the way they got it, learn as you burn. Many great mistakes will be repeated. I believe that this really boils down to a single factor. Does the person in question really give a shit about the consequences of his or her actions?
You are entitled to your opinion. Most normal people quit jobs where things are starting to fail. The lucky ones find good alternatives. The loyal ones get stuck with a job that much more difficult. How many years of your life are you willing to give up to hopeless causes? Everyone knows the general rules. Some are lucky enough to put the big changes off as good practice, sometimes the law, demands.
I feel awful for people who do real work at the telcos. Change sucks, and they are getting plenty of it. Imagine starting your career there before deregulation. Off you whent to serve the regulated monopoly and the public. You accepted low salaries in exchange for stability and pride of serving one of the best and cheapest telco services in the world. You also put up with the more inane political nonsense and tried to just do your job.
DMCA, Hollings, Palladium. What might have sounded like paranoia is now common sense.