38 comments

[ 2.1 ms ] story [ 87.6 ms ] thread
I've seen a few of these and, as somebody without anything to do with the running of the email servers, I can say that they have been quite good fun to watch.

The right thing to do, of course, is email the whole group asking them to stop emailing the whole group ....

Or you can reply to all to ask everyone to respect your wish to be removed from any further replies.
That's actually not a terrible idea, provided you BCC: them instead of TO:.
> The right thing to do, of course, is email the whole group asking them to stop emailing the whole group ....

It's also important to get to the bottom of how and why we were all added to this list, a discussion that is certainly appropriate for this list!

If reply all didn’t exists I think the world would be a better place. There are rare occasions it is needed, but in groups of 10+ is it really required? At a minimum an irritating series of “are you sure” dialogues might help.
"10 reply-all emails to over 5,000 recipients within 60 minutes"

It reads like that's hardcoded. Surprised you can't configure it. A welcome feature nonetheless.

Edit: Appears it is hardcoded, at least for now. "We are considering possible future enhancements to improve our reply all storm detection accuracy, add admin customizable thresholds and block duration, as well as producing reply all storm reports and notifications."

Yeah, it really should be configurable. I personally would want it for any list over 50. It’s rare that such a large list requires everyone to know something new 10 times in less than an hour. And if that many ppl do it would probably benefit from a teams channel discussion not email.
That would make universities shed staff instantly. The number of massive group emails sent and the daily storms that result keep many employees.
Can’t tell if you’re being serious or just aren’t fully explaining
Mine was was an unhelpful comment. Universities seem to like sending huge group emails about everything, and there are always many “reply all” responses and it’s awful. The department would do it, as would the school, faculty, facility, campus and head office. And often others from that list that I wasn’t involved in would sent them too. It was a daily train wreck.
“Reply with Teams”

I just create a rule after a single reply all saying “please remove me”

But I haven’t seen one of these in many years.

I don't know anything about email software, but would it be difficult to add a popup after hitting the "Send" button that would appear only if there were more than X recipients (w/ a user-configurable minimum and sane default)?

Something like: "This email will be sent to 5,000 people. Are you sure you would like to send it?"

This would not solve the issue when the email is sent to a mailing list.
When the mailing lists are internal Exchange-based lists Outlook can check how many people are on them.
IME email storms are most often for one of two reasons:

- someone mistakenly sends a mail to List B instead of List A, so everyone on List B goes "Huh? Remove me from this"

- someone correctly sends an email to List A, but List A was poorly configured and people were put on it without their knowledge and respond in confusion

A "too many recipients" warning wouldn't help with either of these cases.

Outlook does that by default when the email goes to more than a few hundreds people. Don't remember the exact limit.

It also works if it's a single destination email that happens to be a distribution list with 500 people.

They do it by default for all distribution list sizes, I have a list with 4 ppl in it and it still lets you know how many ppl will be getting your email.
This is one of those features that seems so common sense that it's surprising it's taken this long to show up. It reminds me of when Gmail and Outlook started giving you a warning if you said the word "attached" or "attachment" in an email, but didn't attach files.

This reminds me of the best email storm I ever saw. Someone at a large company I worked at sent an email to a discussion group that everyone had filtered with rules, but they put a one-letter typo in the domain name. So imagine something like sending it to HugeGroup@enail.com instead of @email.com. The thing was, the company actually owned enail.com to keep competitors from squatting on it, so the email actually went through, but completely broke almost everyone's rules. The results were quite spectacular, and entertaining.

Great story.

Ridiculous that MX records were assigned to a defensively held domain name. Just asking for edge cases. Lucky this one didn’t have security consequences.

> Ridiculous that MX records were assigned to a defensively held domain name. Just asking for edge cases. Lucky this one didn’t have security consequences.

Not really. Think of it from the customer's side. You sent an email to who you were thinking was legitimate. You want it to go to the person/group you sent it to.

So, because of that, the admins (and customer facing) want to deliver the message.

I do understand the complexity of this problem. I'm sure for large corps that wouldn't be true...

The solution here is a bounce message, not completed delivery.
But why bounce when you can do what was intended?

To me, that seems like the "Technical is the worst kind of correct" answer. And if your smaller org does good customer service, then you liberally accept and help.

We on HN like to talk about horror company one of. We never talk much of the ones that do things right (or better).

For two reasons. Firstly, you want people to have the correct email address - because they can see the domain, and if it's wrong, you'll cause brand confusion.

Secondly, you have to setup all these special mechanisms to correct peoples' typos, permutations of which can be numerous. Think about the compounding complexity of your system as you cater to the very few cases of people making an error that can otherwise be alerted to them to be fixed.

...not to mention the potential for security vulnerabilities. Will your anti-spam filters work on all these alternate domains? Will you setup SPK DKIM etc for them all to prevent spoofing as well? Will you have website forwards... ...the list of things to think about goes on.

For what? To cater to that one idiot and his fat fingers? Just tell him he fucked up.

Whenever I’ve worked at a company with Exchange/Outlook I always set up my one mail rule I can’t live without: any incoming email that doesn’t have my own email address in the To: or Cc: fields is moved into a different inbox (subfolder).

It was rare for any unaddressed stuff to matter to me, and it was certainly never urgent, so usually I gave it a quick scan once a day and mark it read.

Almost makes email tolerable.

Yeah, I do almost the same but my rules set different colors on emails where I appear in To or CC. This way I have a quick way of determining the important (To) and perhaps important (CC) from all other emails. I wouldn't want to work with email without these rules.
Nice. In my case, my direct mail load was very low—typically around 3 to 5 emails per day—and anything I was specifically CCed on was just as important for me to read as anything sent to me personally.

Whereas stuff sent to group lists (and other automated mail) was on the order of 10–30 emails per day. Enough to make any "new mail" notifications utterly worthless.

I've got to try this. Although in Gmail you can set indicators for when emails are too you directly, I think this solution is way better!
I wonder if there is an exception for execs. At a previous employer it was quite common for a big piece of news to be announced by a senior exec and then have the CEO and other execs reply all in a big storm. Definitely more than 5,000 FTE on the list.
There often are exceptions for execs for rules like this, which can cause their own sets of problems. I was at Microsoft when Steve Ballmer sent the company-wide email announcing he was going to step down; Reply All was disabled for most people, but some poor VP in MSR, who I guess was high enough up to be an exception, accidentally reply-all'd the whole company with his positive reaction to the announcement. That guy must've had an awkward day.
I find it sometimes interesting to skim through trivial (praise/reaction) and nontrivial (response/correction) reply-all threads to gain a better understanding of the social dynamics, attitudes, etc. across different departments in a company.

In other words, while they aren't always useful for immediate work, they sometimes help with metawork.

There's no faster way for me to know that someone is a person I'd never want to work with than if they participate in a reply all storm. It's 2020. Learn how email works.
I participate in every email reply-all storm.

Because I'm not a soulless, joyless, curmudgeon who gets upset by receiving emails "oh noes my inboxzero!"

And it's funny.

Well, I should have been more clear. I enjoy the trolling responses, not the ones from people who have been at a company for 5 years and haven't figured out how to unsubscribe themselves from an email list.
Sometimes it's fun to pretend you don't know how email works and 'accidentally' completely fuck up your company/university email system for a few hours.
Story time - Steve Ballmer sends an email to the entire company about buying Nokia. Some high level exec replies all and says "Told you so ". To which Ballmer also replies all with a smiley. Don't know if they knew they were replying all. Or if they didn't care. Quite bizarre.