The Unix-Haters handbook page 127

Apple Computer’s Mail Disaster of 1991 87 user, Mark E. Davis, is on the unicode@sun.com mailing list, to dis- cuss some alternatives to ASCII with the other members of that list. Sometime on Monday, he replied to a message that he received from the mailing list. He composed a one paragraph comment on the orig- inal message, and hit the “send” button. Somewhere in the process of that reply, either QuickMail or MAIL*LINK SMTP mangled the “To:” field of the message. The important part is that the “To:” field contained exactly one “” character, without a matching “” character. This minor point caused the massive devastation, because it interacted with a bug in sendmail. Note that this syntax error in the “To:” field has nothing whatsoever to do with the actual recipient list, which is handled separately, and which, in this case, was perfectly correct. The message made it out of the Apple Engineering Network, and over to Sun Microsystems, where it was exploded out to all the recip- ients of the unicode@sun.com mailing list. Sendmail, arguably the standard SMTP daemon and mailer for UNIX, doesn’t like “To:” fields which are constructed as described. What it does about this is the real problem: it sends an error message back to the sender of the message, AND delivers the original mes- sage onward to whatever specified destinations are listed in the recip- ient list. This is deadly. The effect was that every sendmail daemon on every host which touched the bad message sent an error message back to us about it. I have often dreaded the possibility that one day, every host on the Internet (all 400,000 of them8) would try to send us a message, all at once. On Monday, we got a taste of what that must be like. I don’t know how many people are on the unicode@sun.com mailing list, but I’ve heard from Postmasters in Sweden, Japan, Korea, Aus- 8There are now more than 2,000,000 hosts. —Eds.

88 Mail tralia, Britain, France, and all over the U.S. I speculate that the list has at least 200 recipients, and about 25% of them are actually UUCP sites that are MX’d on the Internet. I destroyed about 4,000 copies of the error message in our queues here at Apple Computer. After I turned off our SMTP daemon, our secondary MX sites got whacked. We have a secondary MX site so that when we’re down, someone else will collect our mail in one place, and deliver it to us in an orderly fashion, rather than have every host which has a message for us jump on us the very second that we come back up. Our secondary MX is the CSNET Relay (relay.cs.net and relay2.cs.net). They eventually destroyed over 11,000 copies of the error message in the queues on the two relay machines. Their post- mistress was at wit’s end when I spoke to her. She wanted to know what had hit her machines. It seems that for every one machine that had successfully contacted apple.com and delivered a copy of that error message, there were three hosts which couldn’t get ahold of apple.com because we were overloaded from all the mail, and so they contacted the CSNET Relay instead. I also heard from CSNET that UUNET, a major MX site for many other hosts, had destroyed 2,000 copies of the error message. I pre- sume that their modems were very busy delivering copies of the error message from outlying UUCP sites back to us at Apple Computer. This instantiation of this problem has abated for the moment, but I’m still spending a lot of time answering e-mail queries from postmas- ters all over the world. The next day, I replaced the current release of MAIL*LINK SMTP with a beta test version of their next release. It has not shown the header mangling bug, yet. The final chapter of this horror story has yet to be written. The versions of sendmail with this behavior are still out there on hun- dreds of thousands of computers, waiting for another chance to bury some unlucky site in error messages.

Previous Page Next Page

The Unix-Haters handbook Page 127 (127 of 360)

The Unix-Haters handbook resources

Help