DHS gets Spammed with its Own Reports
[Guest post by DRJ]
The U.S. Department of Homeland Security sends out a DHS Daily Open Source Infrastructure Report to an email subscription list of hundreds, perhaps thousands of people. It’s a serious report sent to serious people … until today.
From ComputerWorld blogs:
“DHS gets spammed with its own reports.
That’s not our headline. It was suggested today by someone on the Department of Homeland Security Daily Open Source Infrastructure Report mailing list after it started a spam-like inbox flood.
Here’s the story: DHS provides a daily summary of news items for its mailing list subscribers, which includes people with security and disaster response roles, vendors and news media. But its mailing list was misconfigured today. Anyone who hit “reply all” reached everyone one the list, triggering some 200 emails — and counting. The temptation to reach out was too much. It quickly became a big networking party.
Many used it as a opportunity to say hello, where they were writing from, inquire about jobs, show support for their team, “Go Hogs,” there may have been some matchmaking, and one even mentioned that his firm sold anti-spam products.
Wrote one:
I don’t think everyone realizes that yet, but what a nice way for all of us to get to know one another!
Some of the responses:
— I like long walks on the beach and a nice chardonnay with my roasted duck.
— Or even a nice chianti with that roasted duck – it is autumn!
— Look at this as a business development opportunity. (To that end, one chimed: does anyone need homeland security consulting?)
— Howdy from Tampa, a sunny place for shady people.
— I’m a Sagittarius …
— I like scuba diving …
SysAdmin’s advice: Today’s lesson… Folks!
Always place large distro lists in the BCC field.
Reply or reply to all is a non issue.And, finally, wrote one person:
Classification: UNCLASSIFIED
what does that mean?”
Fun with government (or is it Government Fun?) on a hump day.
— DRJ
I used to work at Microsoft, and just before I was there a similar thing happened. A group at Microsoft had been working on some tools to keep people automatically in the correct distribution lists for their building, department, floor, etc., so that if you moved from building 24 to 22 you wouldn’t have to manually switch to the building 22 list. It was all under development, so they had a bunch of lists with cryptic names on them.
Microsoft has internal distribution lists on just about every topic imaginable, there are probably thousands of them. But certain groups of people aren’t supposed to use them, specifically contractors doing phone support. So a memo had gone out to a group of contractors reminding them of this with a pointer to a tool that would dump out all the lists they were on so they could see if they needed to get off of anything.
So one contractor dumped his group membership list and saw several that he didn’t recognize. He sent an email to each of them saying “I don’t know what this is, but I don’t want to be fired, so please remove me from this list”. Unfortunately for him, one of the lists was ‘every Microsoft employee or contractor, worldwide’, and they’d forgotten to secure the rights as to who could mail to this list.
At the time I think there were about 50k employees with 20k or so of them being contractors. A fair number of people sent ‘reply all’ messages that said ‘yes, please remove me to’, and of course there were a bunch of people who sent ‘reply all’ messages telling people not to use ‘reply all’.
This totally killed the Microsoft internal email system. In the end this one email message generated a mail swarm of tens of millions of emails, and took quite awhile to recover from, because it was so much email that the servers would crash as soon as they came up.
Skip (b45646) — 10/3/2007 @ 11:03 amSkip,
Wait — it actually took something happening to crash Microsoft® mail servers?
McGehee (25adee) — 10/3/2007 @ 1:33 pm