
Microsoft now blocks reply-all email storms to end our inbox nightmares - ajay-d
https://www.theverge.com/2020/5/10/21253627/microsoft-reply-all-email-block-reply-allpocalypse-storm
======
Exmoor
This is one of those features that seems so common sense that it's surprising
it's taken this long to show up. It reminds me of when Gmail and Outlook
started giving you a warning if you said the word "attached" or "attachment"
in an email, but didn't attach files.

This reminds me of the best email storm I ever saw. Someone at a large company
I worked at sent an email to a discussion group that everyone had filtered
with rules, but they put a one-letter typo in the domain name. So imagine
something like sending it to HugeGroup@enail.com instead of @email.com. The
thing was, the company actually owned enail.com to keep competitors from
squatting on it, so the email actually went through, but completely broke
almost everyone's rules. The results were quite spectacular, and entertaining.

~~~
sjwright
Great story.

Ridiculous that MX records were assigned to a defensively held domain name.
Just asking for edge cases. Lucky this one didn’t have security consequences.

~~~
crankylinuxuser
> Ridiculous that MX records were assigned to a defensively held domain name.
> Just asking for edge cases. Lucky this one didn’t have security
> consequences.

Not really. Think of it from the customer's side. You sent an email to who you
were thinking was legitimate. You want it to go to the person/group you sent
it to.

So, because of that, the admins (and customer facing) want to deliver the
message.

I do understand the complexity of this problem. I'm sure for large corps that
wouldn't be true...

~~~
koheripbal
The solution here is a bounce message, not completed delivery.

~~~
crankylinuxuser
But why bounce when you can do what was intended?

To me, that seems like the "Technical is the worst kind of correct" answer.
And if your smaller org does good customer service, then you liberally accept
and help.

We on HN like to talk about horror company one of. We never talk much of the
ones that do things right (or better).

~~~
koheripbal
For two reasons. Firstly, you want people to have the correct email address -
because they can see the domain, and if it's wrong, you'll cause brand
confusion.

Secondly, you have to setup all these special mechanisms to correct peoples'
typos, permutations of which can be numerous. Think about the compounding
complexity of your system as you cater to the very few cases of people making
an error that can otherwise be alerted to them to be fixed.

...not to mention the potential for security vulnerabilities. Will your anti-
spam filters work on all these alternate domains? Will you setup SPK DKIM etc
for them all to prevent spoofing as well? Will you have website forwards...
...the list of things to think about goes on.

For what? To cater to that one idiot and his fat fingers? Just tell him he
fucked up.

------
sjwright
Whenever I’ve worked at a company with Exchange/Outlook I always set up my one
mail rule I can’t live without: any incoming email that doesn’t have my own
email address in the To: or Cc: fields is moved into a different inbox
(subfolder).

It was rare for any unaddressed stuff to matter to me, and it was certainly
never urgent, so usually I gave it a quick scan once a day and mark it read.

Almost makes email tolerable.

~~~
pfyra
Yeah, I do almost the same but my rules set different colors on emails where I
appear in To or CC. This way I have a quick way of determining the important
(To) and perhaps important (CC) from all other emails. I wouldn't want to work
with email without these rules.

~~~
sjwright
Nice. In my case, my _direct_ mail load was very low—typically around 3 to 5
emails per day—and anything I was specifically CCed on was just as important
for me to read as anything sent to me personally.

Whereas stuff sent to group lists (and other automated mail) was on the order
of 10–30 emails per day. Enough to make any "new mail" notifications utterly
worthless.

------
rootsofallevil
I've seen a few of these and, as somebody without anything to do with the
running of the email servers, I can say that they have been quite good fun to
watch.

The right thing to do, of course, is email the whole group asking them to stop
emailing the whole group ....

~~~
toast0
> The right thing to do, of course, is email the whole group asking them to
> stop emailing the whole group ....

It's also important to get to the bottom of how and why we were all added to
this list, a discussion that is certainly appropriate for this list!

~~~
lostlogin
If reply all didn’t exists I think the world would be a better place. There
are rare occasions it is needed, but in groups of 10+ is it really required?
At a minimum an irritating series of “are you sure” dialogues might help.

------
garraeth
I don't know anything about email software, but would it be difficult to add a
popup after hitting the "Send" button that would appear only if there were
more than X recipients (w/ a user-configurable minimum and sane default)?

Something like: "This email will be sent to 5,000 people. Are you sure you
would like to send it?"

~~~
Znafon
This would not solve the issue when the email is sent to a mailing list.

~~~
mdturnerphys
When the mailing lists are internal Exchange-based lists Outlook can check how
many people are on them.

------
tyingq
_" 10 reply-all emails to over 5,000 recipients within 60 minutes"_

It reads like that's hardcoded. Surprised you can't configure it. A welcome
feature nonetheless.

Edit: Appears it is hardcoded, at least for now. _" We are considering
possible future enhancements to improve our reply all storm detection
accuracy, add admin customizable thresholds and block duration, as well as
producing reply all storm reports and notifications."_

~~~
vxNsr
Yeah, it really should be configurable. I personally would want it for any
list over 50. It’s rare that such a large list requires everyone to know
something new 10 times in less than an hour. And if that many ppl do it would
probably benefit from a teams channel discussion not email.

~~~
lostlogin
That would make universities shed staff instantly. The number of massive group
emails sent and the daily storms that result keep many employees.

~~~
vxNsr
Can’t tell if you’re being serious or just aren’t fully explaining

~~~
lostlogin
Mine was was an unhelpful comment. Universities seem to like sending huge
group emails about everything, and there are always many “reply all” responses
and it’s awful. The department would do it, as would the school, faculty,
facility, campus and head office. And often others from that list that I
wasn’t involved in would sent them too. It was a daily train wreck.

------
bzb3
[https://techcommunity.microsoft.com/t5/exchange-team-
blog/me...](https://techcommunity.microsoft.com/t5/exchange-team-blog/me-
too/ba-p/610643)

[https://devblogs.microsoft.com/oldnewthing/20121015-00/?p=63...](https://devblogs.microsoft.com/oldnewthing/20121015-00/?p=6333)

------
mav3rick
Story time - Steve Ballmer sends an email to the entire company about buying
Nokia. Some high level exec replies all and says "Told you so ". To which
Ballmer also replies all with a smiley. Don't know if they knew they were
replying all. Or if they didn't care. Quite bizarre.

------
prepend
“Reply with Teams”

I just create a rule after a single reply all saying “please remove me”

But I haven’t seen one of these in many years.

------
xxpor
There's no faster way for me to know that someone is a person I'd never want
to work with than if they participate in a reply all storm. It's 2020. Learn
how email works.

~~~
kilo_bravo_3
I participate in every email reply-all storm.

Because I'm not a soulless, joyless, curmudgeon who gets upset by receiving
emails "oh noes my inboxzero!"

And it's funny.

~~~
xxpor
Well, I should have been more clear. I enjoy the trolling responses, not the
ones from people who have been at a company for 5 years and haven't figured
out how to unsubscribe themselves from an email list.

------
nyanpasu64
Centralized forums?

------
freepor
I wonder if there is an exception for execs. At a previous employer it was
quite common for a big piece of news to be announced by a senior exec and then
have the CEO and other execs reply all in a big storm. Definitely more than
5,000 FTE on the list.

~~~
Analemma_
There often are exceptions for execs for rules like this, which can cause
their own sets of problems. I was at Microsoft when Steve Ballmer sent the
company-wide email announcing he was going to step down; Reply All was
disabled for most people, but some poor VP in MSR, who I guess was high enough
up to be an exception, accidentally reply-all'd the whole company with his
positive reaction to the announcement. That guy must've had an awkward day.

~~~
nitrogen
I find it sometimes interesting to skim through trivial (praise/reaction) and
nontrivial (response/correction) reply-all threads to gain a better
understanding of the social dynamics, attitudes, etc. across different
departments in a company.

In other words, while they aren't always useful for immediate work, they
sometimes help with metawork.

