1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Chumps 'R Us

Discussion in 'Just for Laughs' started by Fergal1982, Oct 31, 2006.

  1. Fergal1982

    Fergal1982 Petabyte Poster

    4,196
    171
    211
    Let me tell you a little story about the last couple of days at my work. For the sake of accountability i wont reveal the name of said company:

    Yesterday some chump received a chain email (you know the one, 'forward this to 20 friends or your firstborn will die'). He took it upon himself to dutifully forward it on. Deliberately or not, he included in his list every single Distribution list in our company (bear in mind that this company is global). As programmed, Exchange sent out this email to all the names (some were blocked due to not having permission to sent to the dl, etc). As you can predict, this slowed the servers down somewhat (although not so much they couldnt cope), especially as many many NDRs and out of office replies winged their way back to the sender.

    Stressful? you bet, but it gets better.....

    users from around the world ignored the advice IT have repeatedly offered about spam/virii emails, and took it upon themselves to reply, asking that they be removed from this list. Can you guess what happened? that right! they click reply to all, and once again the chain of events repeated themselves. Between today and yesterday, no less than 26 people have done this (im not even considering the people who more cleverly replied only to the sender).

    Furthermore, two of those people have compounded their error. One realised the error of their ways and immediately recalled the email (not realising this will obviously increase the traffic even more than just sending the email itself), and the second sent it out with requests for read receipts.

    Does anyone want these users? i want shot of them!:rolleyes:
     
    Certifications: ITIL Foundation; MCTS: Visual Studio Team Foundation Server 2010, Administration
    WIP: None at present
  2. zebulebu

    zebulebu Terabyte Poster

    3,748
    330
    187
    LOL

    I love 'em.

    Here's the notification I've set up that gets sent to internal people caught forwarding chain mails:

    Code:
    The email you have sent has been identified as a chain mail. This will be your only warning, so please read it carefully.
    
    [INSERT ORGANISATION HERE] filters all e-mail automatically.
    
    Chain emails are a waste of time and resources and contain information which may be offensive, derogatory and potentially alarming or dangerous.
    
    Please do NOT resend.
    
    Please do NOT reply to this email - it is a system-generated message - you will NOT receive a response.
    
    Any further chain mails identified as originating from your account will result in the suspension of your mail privileges for 24 hours whilst an investigation takes place. This invesitgation could lead to dismissal.
    In the past six months, four people have been sacked for forwarding chain mails - and since the last wave of terminations, we haven't had a single instance of staff forwarding chain mails on. Of course, we still get external contacts attempting to forward them to staff, but the following message usually has the desired effect:

    Code:
    Your Message [$F] triggered rule [$N] at $T $D
    
    Sender: $S
    Recipient(s): $R
    Subject: $B
    
    [INSERT ORGANISATION HERE] filters all e-mail automatically. 
    
    This message contained a chain email and has been discarded. 
    
    Your email addess has been placed in our blocklist, you will no longer be able to use it to communicate with [INSERT ORGANISATION HERE]
     
    Certifications: A few
    WIP: None - f*** 'em
  3. Sparky
    Highly Decorated Member Award

    Sparky Zettabyte Poster Moderator

    10,189
    296
    319
    LOL

    You should ban the guy from using email! :biggrin
     
    Certifications: MSc MCSE MCSA:M MCSA:S MCITP:EA MCTS(x5) Security+ Network+ A+
    WIP: Exchange 2007\2010
  4. Fergal1982

    Fergal1982 Petabyte Poster

    4,196
    171
    211
    yet another three people responding since i left. some guy decided to use it to ask the company a question regarding some work he was doing.

    bear in mind of course, that these emails are now at least 2MB in size... each, due to all the header info. and thats at least, one or two of them have been 5MB so far. i reckon this isnt going to end, as fast as we can tell people not to reply, and as fast as we can delete these emails back end, people are replying to all and sending even more out, perpetuating the cycle. personally i think we need to take a hard line and let everyone know it. suspend the offenders pending disciplinary action, and let everyone know they face the sack for replying to all. but im not the senior management in the company, and i seriously doubt they will take that line. instead they will push on IT to fix it, instead of dealing with the people making it worse.

    dont you just love the it industry sometimes?
     
    Certifications: ITIL Foundation; MCTS: Visual Studio Team Foundation Server 2010, Administration
    WIP: None at present
  5. Baba O'Riley

    Baba O'Riley Gigabyte Poster

    1,760
    23
    99
    About a year ago, we had a guy forward a viral email to all UK staff. Two days later and he was gone. The tit.
     
    Certifications: A+, Network+
    WIP: 70-270
  6. zebulebu

    zebulebu Terabyte Poster

    3,748
    330
    187
    Fella

    This is actually pretty easy to fix, provided the the messages all have a common theme.

    Run ExMerge against your mail stores and pull out any messages that fit your specified criteria - details of how to do that are here.

    Of course, you'll still have the problem of people replying to mails whilst this process is ongoing, but, provided you can do it in the middle of the night, you should see an exponential drop in the propagation of the messages the next day.
     
    Certifications: A few
    WIP: None - f*** 'em
  7. Bluerinse
    Honorary Member

    Bluerinse Exabyte Poster

    8,871
    167
    256
    It's interesting that one chain-mail can cause so much havoc within a single organisation. I had never really considered the possibility before as here on the gold coast most comapnies are small to medium sized and don't have the number of staff needed to cause this kind of mayhem.

    It also gives us some idea of how much disruption is caused to the Internet as a whole by such stupid people.
     
    Certifications: C&G Electronics - MCSA (W2K) MCSE (W2K)
  8. Fergal1982

    Fergal1982 Petabyte Poster

    4,196
    171
    211
    The problem is that, because we are a global company, we dont really have a single time thats best to run something like this. As it stands we are having to do successive exmerge scans to retrieve these emails. This is made more difficult because the mail systems are distributed across the domains, so no single group controls them all, meaning that we have to co-ordinate these scans with our equivalents in each domain. Its not helping when people change the subject and still reply to all, we've also lowered recipient limits, etc to try and cut this down too, and the management seem to be passing the word out through the organisation not to do it.

    Of course, all it takes is one person on one of the other domains (or worse, someone outside of our controlled email system who has a contact forwarding to their address) to reply to the email and it all starts all over again.

    I have to agree bluerinse. This is causing no end of a problem on our internal system (like i said, we're global with different Domains, but we have an interconnected email system), so i can see on a microcosmic scale the effect of spam as a whole on the internet. makes you wonder how much better the internet might run if spam never happened. This is also approaching the stage where, if we dont get a grip of our staff, it could be classified as a DDoS (i think).

    Its a nightmare but things seem to be settling down somewhat this morning. all we can do is continually run the scans and remove these emails, in the hopes that we catch it all before some other chump gets involved.
     
    Certifications: ITIL Foundation; MCTS: Visual Studio Team Foundation Server 2010, Administration
    WIP: None at present

Share This Page

Loading...