301 comments

[ 1.1 ms ] story [ 331 ms ] thread

    sohkamyung is not in the sudoers file.  This incident will be reported.
Thank goodness. That was a terrible message. I remember my very first experience with unix was setting up Red Hat 3.0.3[1] at work for a small internet company in like 1997 and getting that message and just not knowing what on earth to do. There was noone in my company who could help me and all I had was a unix book from my local library which didn't even cover linux (but I sort of thought it would be helpful).

[1] With the legendary 1.2.13 kernel

"This incident will be logged" may have been better.
“Your transgression has been noted and punishment may be dispensed accordingly”.
"A disapproving God has noted your infraction, and Santa Claus has added an entry on the naughty list for you"
"There will be consequences"
"The boss wants to see you immediately."
"Your system admin will remember this."
Yeah I think nobody checked any reports since a good 25 years now.
Boy, I made so many memes around sudo. I can't believe they removed it. I mean, sudo does log messages in /var/log/secure or /var/log/auth.log on Linux when something fails or is executed successfully, depending on security policies. The default on most distro is to log messages.
For those wondering where the reports go, under systemd-based linux distributions ideally you can get them with this:

    sudo journalctl /bin/sudo
Historically speaking however the sysadmin with access to the 'mail' command would be able to run that and see mail delivered to root@localhost for these reports. I think at least OpenBSD still does things this way [1], but they moved away from sudo YEARS ago now [2]

[1] https://man.openbsd.org/security.8

[2] https://man.openbsd.org/doas

Or you set up your system so mail for root gets redirected to an smtp server with an actual inbox read by actual people
Yeah, I kind of lament them removing this warning if I'm going to be honest. It feels like something such as that should be more common best practice.

Of course decent log collection/monitoring should also be able to catch authlog stuff and alert accordingly and I'm sure most organizations rely on solutions like that instead of letting things get lost in email

It's only removed if sudo doesn't send mail. It still warns if it's relevant.
This is a pretty short diff and it clearly does NOT do that, unless you're saying they went back later in another commit to add this. They removed the message in all situations. The string "This incident will be reported" has been removed from the source code; it could not possibly print that message now.
This doesn't seem to be correct.
Is there more to the change than the linked commit? Because if not, looking at the code change I don't see how you could possibly be correct. There is no additional logic/branching that could be checking whether sudo sends mail or not, just a string change.
It was added back in a later commit but only prints if the mail is configured.
Nice, thanks that's very useful info
Isn't it leaking detail about internal policy about whether incorrect sudoing is getting reported or not though?
I feel like that warning comes right out of the era of multi-user machines with unprivileged shell accounts. That era is largely gone. Today, someone, possibly a less knowledgeable user, runs sudo on their single user laptop that they completely own outright, and may get confused who they're being "reported" to.
Funny if you live in a free country

Potentially terrifying if you don't

To themselves of course. That's pretty clear.

But there is a renewed focus on corporate laptops to remove admin rights on windows. Not really because the user is not being trusted, but because malware has a lot more options for bypassing EDR/antimalware and persistence when it runs with admin rights.

I'm sure this will come to Linux too at some point.

Completely this, I was so confused by OP because naturally this is how my playbooks configure my systems.
I think this is mostly relevant to how confused and sometimes downright mortified it makes new users of sudo when they encounter it

In other words, don't think well-configured ansible playbooks are most people's first exposure to linux although it does sound like you're doing things right which is nice to hear

I was surprised to start getting emails about my cron tasks once I set up my mail server. It's neat.
I've always felt it was a very bad practice not to do it.

In a lot of companies but one they avoided it for fear of receiving emails. On that only company that did it, we made sure that mailbox was clean by actually having a look when cron scripts were crapping out or when users failed sudo repeatedly and contacted the users. It was a much better housekeeping than log on a box and see there are hundreds of unread emails but dismissing it like most do.

I think it's a fear of _sending_ emails. You could accidentally trigger a cronjob that sends a bunch of emails and gets you put on spam filters. Error reporting for cron is, of course, important; but the builtin email reporting is best used for the local machine/network. A more flexible and robust solution calls out to an API that handles transactional emails/push notifications with debouncing, escalation policies, etc.
Well, it depends! Because what you need to see more often is errors. You don't want successful notifications "spam" more often than error notifications.
I haven't used journalctl in a while - do you mind explaining how it works with a binary path? Does it report all system logging that came from that executable, as if it were a service file?
The systemd journal logs not only raw strings and priorities (like legacy syslog), but a large number of metadata fields for each message. One of these fields is the name of the executable which generated the message. The command

  journalctl /bin/su
can, to avoid ambiguity, also be written as

  journalctl _EXE=/bin/su
See systemd.journal-fields(7) for more information: https://manpages.debian.org/stable/systemd/systemd.journal-f...
wow! finally something neat from journald
Finally? The thing has an amazing amount of useful features. Let's see:

* Automatic log cleanup to a desired storage size.

* Automatic compression, transparent decompression.

* Filtering by date, or boot number.

* Log shipping, ability to see interleaved logs from multiple machines.

* Microsecond precision for timestamps, multiple timestamp types and output formats.

* Output in JSON or multiple other formats, for trivial parsing.

* Cursors, for easily continuing parsing where you left off.

* Applications can log custom fields. No need to extract data from strings then.

* Captures logs that happen inside initramfs before / is mounted.

* Docker containers can log to the host's journald

It's pretty darn nice, really.

The infringement has been backtraced and you will be reported to the cyberpolice
Stressful message to see back when I was a clueless child. I'm glad its getting removed.
I had a similar reaction to Windows 95's "An illegal operation has occurred." I remember wondering whether the police were on their way.
(comment deleted)
I have genuinely had to reassure panicked relatives over this.
Way back when my Dad worked from home, and had what I think was a Macintosh Classic II provided by his employer. I’d occasionally be allowed to play the games on it, mostly the pair matching one, which on one occasion crashed. Back then the crash dialog featured an icon of a bomb with the fuse lit, which caused me to panic thinking I’d caused the computer to blow up. Thankfully I hadn’t, and I believe that computer is still in his attic somewhere.
A friend of mine ran a multi-line BBS out of his home when he lived with his parents.

One day he came home and his parents sat him down to discuss the "illegal activities" he was up to with the computers. He was sweating bullets about the secret warez section of the BBS until eventually he figured out that it was due to an illegal operation crash message!

(In that case it was probably desqview rather than windows)

I got my first computer when I was about 6. It would boot to BASIC if there wasn't a floppy disk inserted. I typed something random and got back "SYNTAX ERROR". I wasn't old enough to know what either sin or taxes were, but my impression was they were both real bad.
My brother pulled this prank on me when I was first learning batch file.

I thought I was going to jail.

Who is General Protection, and why is he at fault for my programs crashing?
His second-in-command, Colonel Panic, is to be equally feared.
I was always disappointed it never summoned some grumpy graybeard unix admin from a dark server room basement to give me a chiding lecture.
Just because we’ve never seen him doesn’t mean he hasn’t at some point quietly summoned a curse on us
"man the internet has been really slow lately"

graybeard chuckles in the server room

I am 100% sure I had some petty manually-initiated retaliatory action taken against me by a sysadmin at my university. I never heard a peep through any channel, official or otherwise.
You can't simply allow this many people to hang on a cliff that high!
I receive mails from sudo incidents generated by my users, I check the boxes except the gray beard.
I shave, I try to keep my demeanor as gray as possible.
What about the red dress and flying reindeer?
I got a chiding lecture like that from some skinny UUG-type security admins, by manually shutting down my HP-UX workstation in a university CS lab. I had reached behind it and flipped the power switch.

I tried to flip it back on just afterward, to resume my business (lol) but found that my login was blocked with a message...come up to security in room 300-something and talk to us to get your account un-suspended.

The issue leading to the frantic shutdown goes as follows:

I had been browsing some of JWZ's online journals in Netscape...the old about:jwz trick.

Within those pages, there's a linked audio clip of the fake *rgasm scene from "When Harry Met Sally".

I clicked on the link not realizing what would happen, and of course this passionate audio clip played at more or less full volume to a computer lab full of university students from China.

(They were extremely "I didn't notice that" about the whole thing, but I was beet red and frantically scanning the room for anyone who I could possibly nervously laugh with...)

Back then Netscape didn't show any audio controls that I could find anywhere when clips like that played, which was also a really frustrating part of this. I guess it just handed off the audio to some process which I could have found via `top` if I had the time.

There was also an internal speaker, nothing with a manual volume control. Great!

Anyway, I went upstairs, got my lecture about other people who could have had sessions terminated while working on the same workstation, got the login back, and fortunately none of the Chinese students seemed to have let my er..._BYU_ CS security admins...know about the situation in the lab. lol.

(No longer a practicing Mormon; still think CDE is cool)

Edit: Just for the memories...at the same time, I had a PT job doing university IT support on a Novell network, and we supported, among other places (the MTC, the laundry, Creamery--PHEW those amazing chocolate malt shakes--but not so phew the time the creamery's huge 1K+ gal. milk vats leaked and there was a foot of standing milk in our PCs there, etc.), the married student housing computer labs.

Colloquially labeled by my boss and others as the "rabbit hutches"...

This was still pretty early days for the web, and I remember periodically getting frantic voicemails from newly-married folks.

A common version of the voice message would be something like, "Hi, uh...I was in the married student housing lab...trying to book airline tickets for my husband to fly home and see his mom...anyway (tearful quivering voice starts)...russian porn came up I guess? I mean I am just guessing...uh, so anyway...(crying harder, phew)...the lab assistant gave me your number, and here's my number, if we need to talk about this or anything, call me I guess?"

I can't imagine what those students must have felt when the lab assistant just shrugged their shoulders regarding "what to do about this" and gave them somebody's office number to call. Up the chain with you!

Gestapo-level perceptions would always tend to kick in at that point...and you had to maintain an ecclesiastical endorsement to continue studies there, so this was a pretty big deal. Anything involving porn was always at the potentially-terminate-your-entire-university-experience level.

(Often the calls to those labs were pretty funny though. Like a toddler put a dorito inside of a CD-ROM drive, bring your hemostat, things like that. Afterward we'd get a Jamba Juice, or get a free cafeteria meal from a really nice food-services manager, chat about Everquest, etc.)

What does UUG stand for? That's the only acronym that ChatGPT didn't give me a guess for from your comment.

The other guesses were: CDE - Common Desktop Environment, MTC - Missionary Training Center.

GPT is much better than web search for this, I'll say that. It's ability to use context is invaluable.

https://www.facebook.com/groups/byu.uug/

This user group was already in place by the time Linux came along, so you had the UUG doing Red Hat boxed set giveaways and such. There was a ton of excitement about Linux and not as much about Unix at that point. Then a bit more proper-Unix excitement when OS X came out.

The other ones are correct.

OMFG. The currently-active BYU LUG hosts their site on motherfucking Facebook. How the mighty have fallen.
I got my uni CS club going on IRC. I’ve recently discovered that they’re now on Discord. I get it, like, IRC is increasingly undesirable these days, especially without a bouncer. It still hurt though.
This is an interesting example of the Clever Hans Phenomenon. You think you're comparing GPT and Google equally but you're actually giving GPT much more manual help. A search as simple as "UUG acronym" gives me the answer in a box at the top: "Unix Users Group" (tested in incognito).

GPT is useful, but there's an annoying tendency of it's proponents to promote it with examples they haven't validated.

Interesting. The same search term returns "UUG is an acronym for: Uniface Users Group. Universal Underwriters Group." in the top box for me. Also in incognito.
I get those too, all from the wiki disambig page.

> UUG is an acronym for: Uniface Users Group. Universal Underwriters Group. Unix User Group.

They have a pretty amazing creamery at Washington State University as well... have a milkshake after lunch, you won't need dinner. Go Cougs!
Also former BYU EE major (and former Mormon), very early 2000's. I recall fondly those HP-UX boxen running CDE. I really liked that UX. For some reason it really appealed to me as an engineering student. I was very active in the UUG. At one point I lived in a married student housing unit. Some of the kids fucking incessantly in those units could have stood to make sure their windows were closed. But I digress. Story time!

This was in the early days of Napster. Out of curiosity I downloaded and unzipped it in my home directory. I think I started downloading some random file but terminated it before it finished. Several weeks later when trying to log into my account, it didn't work. When I asked the skinny kid in the admin room about it, he lectured me about having the Napster software unzipped in my home directory before telling me to delete it as he re-enabled my account.

I was generally low-trust when it came to anything administration-related at my school, so I kept my own backups of all my shit. That ended up saving my ass. The HP-UX boxen were configured to dump huge core files by default on segfaults. The predictable thing happened as random widely-ignored core files proliferated throughout student home directories. I think about 2 weeks before the end of the semester, some low-level admin kid tried writing a script that recursively walks all the students' home directories and deletes core files to free up disk space. Not wanting the script to interfere with regular workloads during the day, he had it run as a cron job in the middle of the night. The kid fucked up the script, and it instead deleted all the contents of everyone's directory for the whole goddamned department. Well, effectively. I think when the admins got into work the next morning they realized that shit was completely fucked and killed the script. But massive damage had already been done. Two weeks before the end of the semester when final class projects were all coming due. Also, the backups hadn't been working, and nobody had been giving a fuck. Until then.

I had a friend in another lab in the CS department who ran a Tor exit node from his workstation. Fast forward a few weeks, and his advisor sat him down and, with a really serious tone, asked if there's anything he wanted to talk about with respect to his usage of the lab computers. Apparently some of the shit the Tor exit nodes were accessing made some waves in the department. (Bearing in mind that BYU is a very religiously conservative institution.) He somehow survived that incident, but he went out into the Real World (there's a pun here -- you should look up the whole Julie Stoffer debacle sometime) not long after of his own accord.

Then there were the students who abused the lab laser printers to print wedding invitations. All the fucking time. IIRC, it was only 10 cents a page, so it was a steal to print really nice-looking stuff at the time. Even better were the students who fed not-safe-for-laser-printer shit into the them that would melt and gunk up the insides.

Some assholes would often lock the screen rather than log out in order to "reserve" an HP-UX workstation for themselves. That got annoying when things were busy. I'd do a hard reboot whenever I ran across an unoccupied locked workstation. Apparently there were some grad students whose work that they were distributing across several nodes as background jobs would get fucked when the workstations were hard-rebooted. Personally I think that should have been a hard lesson in a "cattle, not pets" approach to distributed systems. Especially when there is effectively no physical security for the compute nodes.

There are also UUG stories. One of my favorite is when the UUG was handing out "Software for Starving Students" CDs full of OSS software in the student quad. They ended up getting reported to the "authorities" for distributing software for free.

I miss those times, thanks for reminding
I would have taken the opportunity to ask them a few questions.

But that’s probably why they don’t come out to lecture.

Maybe not, a grumpy graybeard unix admin. But you can add "Defaults insults" to your sudoers file and get insulted when you type a wrong password.
They could at least have the option to report it to Santa
Why can't I report all those idiots posting the letter "F" in github comments? ;)
They are just paying their respects.
What does F mean?
It's a call of duty meme, at some point your character is at a funeral and F is the action button and there is a prompt on the casket "press F to pay respects"
Strong agree on that. One person doing so was possibly amusing, everyone else jumping on the wagon is just irritating noise, and I’m not even responsible for trying to sift through that for legitimate feedback.
The point of the joke is that it's a bandwagon joke.
I disagree that it's a joke, because they're absolutely nothing funny or clever or original about it, but you're right that the point is to jump on a bandwagon, and it's intentionally ironically disrespectful of everyone's time and attention, which is also the point. It's really just a spammy childish 4chan troll.

All Due Respect: Press F for Farce. Recently, Call of Duty: Advanced Warfare became roundly mocked when images showed a funeral event where the player is asked to “Press [F] to Pay Respects.”

https://www.gamedeveloper.com/design/all-due-respect-press-f...

>On the other hand, Call of Duty forces the player to Pay Respects for the game to proceed. It’s a mission objective just like any other, complete with an interactive reticle floating above the coffin. Furthermore, it’s embarrassing to ask the player to take this action explicitly. This is a military funeral! What else would you do, blow a raspberry? It’s no wonder players feel insulted.

Ludonarrative Dissonance:

https://en.wikipedia.org/wiki/Ludonarrative_dissonance

>Ludonarrative dissonance is the conflict between a video game's narrative told through the story and the narrative told through the gameplay. Ludonarrative, a compound of ludology and narrative, refers to the intersection in a video game of ludic elements (gameplay) and narrative elements. The term was coined by game designer Clint Hocking in 2007 in a blog post.

It makes strangers type seven paragraphs when someone uses it.

That one letter to seven paragraphs ratio is pretty funny when it happens.

It's a low-effort addition to the dialogue, but it is a legitimate communication of a viewpoint. Who gets to draw the line of which comments should be nuked? (My view, the repo owner should (and maybe already has that power))
Why would somebody care about low effort dialog more than a year after the commit?
And my question to the github management is why can't any registered user report any low effort useless or offensive comment to the moderators, whoever they may be, like almost every other online discussion group outside of 4chan?
If you keep tolerating BS then the BS will keep coming. That's why quality subs need moderators in the first place.
Request a "F" emoji reaction instead.
(comment deleted)
So no one checks these reports?

No wonder we've had so many high profile breaches.

Maybe this is what all those layoffs are about.

A+ joke.
Only low-key, though. A sysadmin not monitoring authlog / admin-mail is a huge security smell.

The fact that our infrastructure STINKS of this is one of the major indications we do not take security seriously.

Fortunately we solved this; we don’t have any system admin to not watch these logs.
The "this incident will be reported" message always struck me as having the same vibe as the "provided by the management for your protection" labels they have on toilet seat covers.
I teach an entry level CS course at the University and my students got scared a lot when they saw that message. It was funny until I noted that they were really worried :( .
LGTM. The incident might not be reported, so that message may not be accurate.
I remember the first time to have this message was at my first time using CERN lxplus during my undergrad. I was worried that people will think I am stupid to try "sudo apt-get" there. It was a mistake as I had several terminal sessions and forgot which one was the local.

Anyway fast forward today. I know the answer to the question to whom usually this notification gets sent. They forward it via SMTP server to the person on computing shift (at least for some of the experiments) based on the experiment this person (who tried sudo) account belongs too. probably also some IT email.

Anyway it is stressful for new and young people. but honestly I never read them. I have email rule to put them inside specific folder I don't usually open.

The first time I saw this message I was on my own danged system and I was still momentarily alarmed, hahaha. Common sense asserted itself pretty quickly of course.
My favorite message I got in Ubuntu in 2008 (I still have a screenshot of it):

> Could not grab your mouse.

> A malicious client may be eavesdropping on your session or you may have just clicked a menu or some application just decided to get focus.

> Try again.

> [Close]

I remember getting something similar-sounding on modern Ubuntu a few weeks ago.
This sounds like an xwindows thing. The way popup menu windows work in x, is the program grabs all keyboard and mouse events.
I suspect a lot of readers here will not understand what's hilarious about this.
Can someone share even one story where sudo reporting these "incidents" was helpful?

This feature seems to come from a world where elite hackers simply repeat the same sudo command over and over hoping it will eventually work.

> Can someone share even one story where sudo reporting these "incidents" was helpful?

No, not a single one.

“And, if we did, we’d have to kill you.”
Fool, I have signal handlers defined for all signals! You won't be rid of me that easily!
HN puzzles me with these downvotes. I have not a single story to share about sudo reporting the incidents and that being useful and I've managed *NIX systems for 2 decades now. Anyway, looks like there's some people out there there feel very strong about this.
Yes. More or less the first time I used Linux was on a fedora workstation at my desk at MIT. The very nice sysadmin down the hall sent me an email just a bit later saying "We see you were trying to install x program. We installed it for you." I understand that this is a very rare experience but the first time I saw that message, a helpful person was actually looking at these reports.
Does this kind of sysadmin still exists? (or do they even still have the freedom to be so kind?)

I cannot really imagine that happening today, at least not in "professional" context.

It still happens, a fellow student and friend of mine got this response ('installed it for you') about two years ago at Radboud University Nijmegen after entering `sudo apt install nasm`
Glad to hear that. I really like that style and attitude. It shows competence, humor and willingness to help.

My admins were sadly mostly of the grumpy type, who did not like change, or initiative to solve peoples problem.

Yes....?

If I see info in logs and it could help a user (my userbase is internal), I reach out to them. I've coached a number of them through improving something on their end, even if it's not a critical change.

And I'm by no means some sysadmin wizard.

"And I'm by no means some sysadmin wizard. "

It is more about the general attitude, so thank you, for being a helpful IT admin.

It sounds like you were able to successfully run sudo, just with a somewhat longer latency.
I have a small server that some of my friends have accounts on. When they accidentally (or not!) try to use sudo (often this happens with a "curl | sh" thing) I like to be informed.
As it happens - "The warning was restored in a slightly altered form in 9757d29" ( https://github.com/sudo-project/sudo/commit/9757d29a24ac1872... ) - Millert.
That makes senses. I already wanted to comment that showing an false warning is not good. But silently sending a mail of what you tried to do is worse.
This is great! Now when I break into a system I can quickly verify if they've got this aspect of sudo logging setup or not!

Only 1/2 /s

Checking if the alarm is set by seeing if it activates seems like it's not particularly useful.
Not to comment on this particular case, but this is a more useful tactic than it seems at first. Seeing the reaction that an alarm brings can provide lots of useful information for evading future ones.
For some alarms yes. But for one where you won't even know if it activated unless you see the response, and there's little reason for anyone to care about it most of the time... it seems pretty niche.
So according to the comments it isn't actually gone, just the wording updated and now dependent on if you have actually set up the mailer to report it somewhere https://github.com/sudo-project/sudo/commit/9757d29a24ac1872...
That seems pretty stupid.

While they're at it, why not update the SSH warning banner with a list of what we do and don't log on this system. As a courtesy to their adversary.

This sudo message has been the same since the dawn of time. There is literally no reason to correct it. This is the one place you don't want to be pedantic, leaking security configuration via stderr.

(comment deleted)
something like 99% of computers with sudo installed are single-user machines where the only effect of the warning is to scare people

and it's only been the same since people started to switch to sudo in the late 90s; su never printed such a warning

Reminds me of when I was younger and my mom and my brother were using a windows computer. They got the message “an illegal error has occurred” and my mom called me to ask if they had broken the law.
When I was young I had messed with the computer and it showed an english message with the word "atom" in it. My mom not being a native speaker freaked out as if a nuclear explosion was about to take place.
I almost shit myself the first time I saw X Screensaver..

It has to take the prize for worst UX ever.

do you mean the bsod screensaver

sometimes people also complain about xscreensaver's lock screen because it doesn't use a widget library, but the alternative lock screens can often be crashed through bugs in the widget libraries they use

The one with the flaming screen and countdown timer. I had just installed the distro and though I had some malware installed.
oh, that's just the lock screen

the flaming screen is just the xscreensaver logo (it's supposed to save your screen from burnin, originally)

i hadn't ever heard of anyone thinking it was malware, that's pretty funny

jwz is a more brilliant troll than i gave him credit for

[flagged]
I don't really think this is a security issue. If an attacker is able to try executing sudo on your system, you have much bigger problems (for example, data exfil can be done by non-sudo users in many cases, or if your system is sufficiently old there's known priviledge escalation exploits). I don't think an attacker gains much knowledge from knowing whether or not they're on the naughty list.
If the attacker can execute sudo they can probably just alias it to a sudo that sends them the password and wait. The number of users on multiuser systems who don't have sudo access is just vanishingly small. Universities perhaps. But in most companies, if they trust you with access to the machine in the first place they'll trust you with sudo access.
>the only effect of the warning is to scare people

Good. If you're not familiar with what sudo does, then you shouldn't be using it in the first place.

It's an abstraction. You shouldn't need to be familiar with every aspect of what it does.
If you shouldn't be using sudo, then you shouldn't be listed as a sudoer on that system. If you're listed as a sudoer, then you should become familiar with what sudo does.
If it’s your own computer you should be able to break it until you learn how not to.
i'd argue in a different direction: if sudo barks a scary unknown message at me, i'd avoid using it altogether and just use su, which is the opposite of what people should be nudged to do.
Are you familiar with every part of the stack you are working on, down to the hardware?
Yes. Largely through torturing my system and reducing it to non-bootable state and having to read up on what symbols I mangled this time and how. Why do you ask?
Maybe update pnews.sh as well to recalibrate the estimate of "hundreds, if not thousands of dollars" per usenet message.
That message is poor UI. If you know what it means, you probably don't care about the possibility of sudo sending an email when you first typed it. If you don't know, you will be worried probably without a good reason to be so.

Nowadays it's even worse than it once was, because now the natural instinct of people is to think that the incident was reported to canonical or ibm. The opposite of how they are supposed to feel about when using free software.

I'd change it to "This attempted was logged" or something like that when that is true. Just so the user is aware that the data they are typing there may be seen by someone else. But by default, in their own systems, that message should never appear, unless they specifically configured it that way.

Yes, it's important that things be clear. Hopefully we do something about man pages next, they are way too obfuscated.
Not to say sexist.

/me ducks

I've always been amused by this, because I usually get it on single user systems (mine own) without mail. It makes me picture some shady office in a bunker in central Nevada, where undeliverable incident reports end up in dusty filing cabinets, indexed by incorrect passwords.
This would make a great (inaccurate) clickbait story about how millenials (or insert group) found the message too confronting/authoritarian.