Please create an account to participate in the Slashdot moderation system


Forgot your password?
United Kingdom IT

The NHS's 1.2 Million Employees Are Trapped in a 'Reply-All' Email Thread ( 302

An anonymous reader shares a Business Insider report:The NHS's 1.2 million employees are currently trapped in a "reply-all" email hell. A "test" email was accidentally sent to everyone who works at the UK health service - prompting a series of reply-all responses from annoyed recipients going out to all 1-million-plus employees of the organisations. An NHS employee told Business Insider that there have been at least 120 replies so far -- meaning that more than 140 million needless emails have been sent across the NHS's network today. As a result, they said, its email systems are running "very slow today." The NHS Pensions department is currently warning people on Twitter that "if contacting us by email please be aware that there may be delays in responding due to an issue currently affecting all NHS mail."
This discussion has been archived. No new comments can be posted.

The NHS's 1.2 Million Employees Are Trapped in a 'Reply-All' Email Thread

Comments Filter:
  • by Mycroft-X ( 11435 ) on Monday November 14, 2016 @10:22AM (#53281043)

    Please remove me from this distribution, I don't know how I got on it.

    • by aicrules ( 819392 ) on Monday November 14, 2016 @10:28AM (#53281073)
      Sorry I don't own this distribution, please contact someone else.
    • by Jose ( 15075 ) on Monday November 14, 2016 @10:30AM (#53281099) Homepage

      Me too!

    • by UPZ ( 947916 )
      GCHQ and NSA server CPU load must be spiking everytime an NHS employee hits 'reply all'.
    • Me too.

    • People, please! Stop asking to be removed, it doesn't work that way!

      • by sl3xd ( 111641 )

        When I say "stop it" the whole world is supposed to obey.

        Just because it didn't work at any point in school, the recent election, the Super Bowl, during Rush Hour, or at the Tsunami is no reason to expect it isn't different this time.

    • Can someone explain why people would ever react like this? If the company that pays your salary puts you in a internal mailing list, why would anyone assume that it was OK to ask to be taken out of it?

      • Re:Please remove (Score:4, Informative)

        by networkBoy ( 774728 ) on Monday November 14, 2016 @11:38AM (#53281807) Journal

        Because sometimes you change positions and should no longer be on a mailing list that had something to do with your old role, but the list administrator (who *might* not be IT, in fact likely isn't) hasn't taken you off it.

        I had this happen when I transferred to an entirely different team, and over 5 months later was still getting e-mail from a list that the manager of the team refused to take me off of (it was retaliation for leaving his team). Finally with the [written] consent of my current boss I started openly replying to the list's questions with bogus info that looked correct. Nothing earth shattering, but also not quite right. Hilarity ensued.

        I should add this list produced at least 50 emails a day!

        • Did you ask your current boss to ask your former boss to remove you from the list? If so, and your former boss refused, I would have hoped your current boss would escalate the issue to your former boss's boss. Kick it up the management chain.
    • by xxxJonBoyxxx ( 565205 ) on Monday November 14, 2016 @11:40AM (#53281843)
      Help!!! I am the new email administrator for a company called NHS in the UK and it's an big email system with thousands of users! My problem is that someone sent an email to everyone and now everyone else is replying. I never heard of an email server stopping emails but the company is telling us to do the needful so what should I do? Your fast reply is generously appreciated!!!
      • You seem to be unaware that NHS = National Health Service, so it's not a company but a government organisation.

    • Re:Please remove (Score:4, Interesting)

      by Yvan256 ( 722131 ) on Monday November 14, 2016 @11:42AM (#53281877) Homepage Journal

      by Mycroft-X ( 11435 ) on 2016-11-14 10:22 (#53281043), Please remove me from this distribution, I don't know how I got on it.

      by aicrules ( 819392 ) on 2016-11-14 10:28 (#53281073), Sorry I don't own this distribution, please contact someone else.

      by Anonymous Coward on 2016-11-14 10:29 (#53281079), Remove me too please

      by Anonymous Coward on 2016-11-14 10:34 (#53281137), Can people stop replying to this. Thanks.

      by Joce640k ( 829181 ) on 2016-11-14 11:13 (#53281525), It's almost as if there's no way for the mail server to filter messages with more than a million recipients.

      by Anonymous Coward on 2016-11-14 10:34 (#53281139), To all! Please Stop Replying to All asking to be removed!

      by The-Ixian ( 168184 ) on 2016-11-14 10:37 (#53281159), Please remove me from this list

      by Jason Levine ( 196982 ) on 2016-11-14 10:30 (#53281097), Hey everyone, stop replying all! This is very annoying.

      by Anonymous Coward on 2016-11-14 10:36 (#53281153), Please remove me from this mailing list.

      by Anonymous Coward on 2016-11-14 10:44 (#53281229), OK - sorry.

      by Anonymous Coward on 2016-11-14 10:45 (#53281239), Why do I keep getting emails?

      by Jose ( 15075 ) on 2016-11-14 10:30 (#53281099), Me too!

      by 110010001000 ( 697113 ) on 2016-11-14 10:34 (#53281133), unsubscribe

      by UPZ ( 947916 ) on 2016-11-14 10:42 (#53281209), GCHQ and NSA server CPU load must be spiking everytime an NHS employee hits 'reply all'.

      by PvtVoid ( 1252388 ) on 2016-11-14 10:47 (#53281253), Me too.

      by Anonymous Coward on 2016-11-14 10:56 (#53281355), Seriously though, in today's world, I am constantly surprised (although I shouldn't be anymore) by these chains that pop up routinely.

      by Anonymous Coward on 2016-11-14 11:09 (#53281475), I realize that there are a lot of stupid people in the world, but I'm not aware of any email clients where "reply all" is the default behavior.

      by Lisandro ( 799651 ) on 2016-11-14 11:14 (#53281535), People, please! Stop asking to be removed, it doesn't work that way!

      Stop using "reply all" you idiots! It's only making things worst!

      And I have also found a limit on the number of nested blockquotes we can do on Slashdot so I had to simplify my reply and make it un-nested blockquotes otherwise it would not accept my reply with a "Your comment has too few characters per line" warning! My joke has been ruined!

    • This happened in my company once. People kept replying to all, it was a clusterfuck and our company IT (in India, of course) couldn't figure out how to stop it.

      So I set up an auto-reply mechanism that looked like it came from IT, it told anyone who replied "ALL" that they were now removed from all company mailing lists.
      Of course everyone freaked out and emailed IT when they would get my notice. IT was pissed at me, but I stopped people from replying to ALL any more.

  • I survived (Score:5, Interesting)

    by Anonymous Coward on Monday November 14, 2016 @10:29AM (#53281083)

    I survived Bedlam DL3 []

    The story of when Microsoft themselves fell victim to the same issue, and how it was resolved.

    • by Anonymous Coward on Monday November 14, 2016 @11:51AM (#53281977)

      I lived through one at a large, global financial company. It was kind of humorous.

      Some lady in a small European office of the company attended a company sponsored Halloween party dressed as a policewoman. Part of her costume included mirror sunglasses. She happened to misplace them at the party.

      So the Monday after the party she sent an email to her group explaining the situation and asking for everyone to look for them. We were on Lotus Notes and she accidentally chose * (iirc) instead of her groups distribution list. So 30,000 people across the world got the email.

      The funny part is that every smart ass in the company decided to have fun with it. Reply alls started flooding the network with messages such as "Looked in my office in Germany and can't find them", "Not in Wisconsin office", and "Didn't find them but did find handcuffs, you want those?". Went on for hours and basically took the email system down for 2 days.

      The worst part is that they had a few of the servers mis-configured or something because anyone who had an auto out of office reply would respond to all with that message, which would then trigger the other out of office replies again.

      Everyone spent a really long time removing tens of thousands of emails from their mailboxes.

  • I'd say (Score:5, Funny)

    by argStyopa ( 232550 ) on Monday November 14, 2016 @10:30AM (#53281091) Journal was God's gift to business. Transformative, empowering, a paradigm-shift.

    It's Satan that added Reply-all, and then BCC just to continue the general fuckery.

    • Re:I'd say (Score:5, Informative)

      by Anonymous Coward on Monday November 14, 2016 @10:43AM (#53281211)

      But bcc prevents this entire problem. If you send a message to a large distribution you should always use bcc. Then when some retard hits reply-to-all the reply is only directed to the original sender rather than the entire distribution list.

      • That depends. I've gotten the response "There were BCCs on this email. Are you sure you want to reply all?"
      • by j-beda ( 85386 )

        But bcc prevents this entire problem. If you send a message to a large distribution you should always use bcc. Then when some retard hits reply-to-all the reply is only directed to the original sender rather than the entire distribution list.

        Yes and no. If you are sending a message to a large (or even small) group of addresses, using BCC prevents everyone from seeing everyone else's addresses, and thus prevents the "reply-all" troubles.

        For a mailing list system however, any message sent by to gets sent to everyone on the list. The system may or may not be set to deliver those messages with a return address of or of or something else, regardless of

        • There is also a limit (in kb, not the number of addresses) in a To: or CC: field. But I guess if you are sending mail to a listserv or alias that points to multiple addresses then that doesn't even kick in.

      • If you send a message to a large distribution you should always use bcc.

        If you mistakenly send the email in the first place chances are you weren't hovering over the BCC field making this point irrelevant.

      • -1, pointless attempt to sound superior

        Advising people to use BCC is only relevant to cases where the initial long recipient list is *intentional*. In this case the initial email was accidentally sent.

  • by Sean ( 422 )

    Most MUAs won't accept To/CC/BCC of unlimited length.

    • by Nutria ( 679911 )

      Certainly it's using distribution list(s).

    • Re: (Score:3, Interesting)

      by rgmoore ( 133276 )

      It doesn't have to be of unlimited length. In Outlook/Exchange, at least, it's possible to have a distribution group that is handled by the server, so including the group name in the To: (or CC: or BCC:) field will send it to everyone in that group, no matter how big. My organization has a #Everyone group that does actually go to everyone. I don't know if #Everyone is protected, but there are certainly some very large distribution groups- around 1/3 of the organization- that anyone is allowed to send to.

    • isn't very long.

  • Dilbert (Score:2, Funny)

    by Anonymous Coward

    Obligatory Dilbert:

  • I've worked at a couple of companies that have sent out mass emails like this. My guess is that 1% of employees are stupid enough to hit "reply all" when requesting being removed from the email thread.

    I seriously doubt that only 120 people in the NHS have hit reply all. My guess is that there will eventually be a few thousand who do this. That's assuming the NHS has above average intelligence employees.
    • 1% of 1.2 million is 12,000 people. . just saying
    • by Imrik ( 148191 )

      My guess is that 120 people hit reply all before they were able to disable the group.

    • I work at an engineering company that had this happen. I saw an email with subject line "test" arrive from department.all@company and thought "wait, this actually happens in real life?" as I settled in to watch the show. To everyones credit, it actually did stay quiet for a while until some smartass replied with "did the test work". That then unleashed a flood of "take me off this list right now!!!" and "stop replying to this email!!!!" emails until someone figured out how to shut it down.

      tbh it makes fo
  • So common... (Score:5, Informative)

    by aicrules ( 819392 ) on Monday November 14, 2016 @10:34AM (#53281135)
    I don't work for a company with over a million employees but I see this happen frequently. People reply all out of rote habit, not even consciously. It's so annoying. I know one company who customized their distribution of Outlook to not have a reply all button. Short of that, my recommendation is to either protect the large distribution group so that only a select few can email it and/or making use of BCC for that group when original emails are sent so that even if people do reply to all there is no further waste of time. I tried individually shaming people when they did it for a while, sending them dumbass instructions on the location of the Reply button versus Reply to All, but that had a limited impact other than for more people to know I'm an asshole. Oh well...
    • Re:So common... (Score:5, Insightful)

      by religionofpeas ( 4511805 ) on Monday November 14, 2016 @10:51AM (#53281305)
      On the other hand, if you send an e-mail to a small group of people, e.g. trying to solve a problem together, it's very annoying if one or more people to use Reply instead of Reply-All, and the rest of the group misses part of the conversation.
      • This. I believe the correct technical solution would be to limit who is allowed to email large numbers of people and the top level groups. Their should be no possible way for the intern to email every one of your million plus employees (or really even any more than 10-20). And it would be really great for the original sender to indicate the default behavior (aka, do I want to make this a conference email, or was I just sending instructions to everyone individually.)

        • by taustin ( 171655 )

          No, the correct response is to use a mailing list, and if you are concerned with interns sending 1.2 million people cat pictures, restrict who can use it. This has been the correct way to handle this for at about 20 years. There is never any excuse for allowing a message to be sent to 1.2 million discrete addresses. Ever.

    • by taustin ( 171655 )

      No, the correct response is to a) correctly configure the mail server to reject any message addressed to more than a reasonable number of people, say, 100 (or even less), and b) use mailing lists for mass messages, like people with a normal IQ.

      Whoever runs their mail server should be driven out of the profession and put in a home for the mentally impaired.

  • by The-Ixian ( 168184 ) on Monday November 14, 2016 @10:35AM (#53281143)

    The simple solution is to lock down the "all" distribution list so only certain (very few) senders can send mail to it. I am not sure why this would not have been done... I am actually surprised that this hasn't happened before if everyone has send access to this list....

    If course, if the distribution list was enumerated on the client prior to sending, that is a different story. But I can't imagine any client that would work reasonably with a million individual recipients.

  • by abies ( 607076 ) on Monday November 14, 2016 @10:38AM (#53281177)

    I have seen it few times in big corporations I worked in. Somebody sends email to wrong group by accident and then we have 3 waves of attack:

    1) Clueless people hitting 'reply all' asking for removal from mailing group
    2) Even more clueless people hitting 'reply all' asking people to not 'reply all'
    3) "Champions" trying to save a day by putting all in BCC and telling people to not reply all, unless you put it in BCC [1]

    And then, few hours later, next timezone wakes up and things start again.

    Why is it useful? After it is obvious what is happening, you create folder called 'idiots' and redirect all these emails into that group by outlook/whatever rule. After that, if you need to deal with somebody in your organization, first check if he/she is in idiots folder and approach accordingly.

    BTW, 120 replies seems very low. I have seen mailstorms with group of 10k recipients (it was not 'all' group, just some subset of company) generate over 600 replies total in these 3 waves. 120 replies from 1.2 million looks to be technical limitation (or, maybe, there was some hero in IT department who pulled the plug fast enough...)

    [1] - My favorite is self correcting champion, which first sends 'reply all' and then does reply to that with everybody in BCC saying he should have put everybody in BCC in first place...

    • by Megane ( 129182 )

      After it is obvious what is happening, you create folder called 'idiots' and redirect all these emails into that group by outlook/whatever rule.

      When I worked at Cisco back in the early 2Ks, we had reply-all storms every few months. Everyone joked that perpetuating them was the best way to get onto the "bottom 5%" list.

  • by __aaclcg7560 ( 824291 ) on Monday November 14, 2016 @10:52AM (#53281311)
    A bean counter at a local hospital sent out an email to everyone that explained the cost in lost productivity for each "reply all" email was $0.08 per person. Not surprisingly, someone hit the "reply all" button to respond that the bean counter's email cost the hospital $800 in lost productivity. It went downhill from there. Not sure if the tab was $80,000 or $800,000 in lost productivity when everyone stopped hitting "reply all" button. Executive management wasn't amused.
  • And this highlights one of the many uses of BCC

  • by pezpunk ( 205653 ) on Monday November 14, 2016 @10:58AM (#53281371) Homepage

    i worked at NG for 7 years, and there were several instances (the last one being in 2010) where email system company-wide was crippled or knocked offline by an email that was sent to the wrong mailing list. apparently, there was one available that included literally every single person in the system (probably about 100,000 people).

    i remember one morning in about 2008 or so, getting an email addressed to some team i wasn't a part of, seeing the "CC" list was several miles long, and i knew instantly what was going to happen. i guess the "first post" instinct in me acted up for the first time ever. i knew we were all already doomed, so i hit reply-all and simply posted: "oh no, not again." i did manage to be first, but before i could blink, i had over a thousand new emails all saying some variation of "WHAT IS THIS?" "REMOVE ME FROM THIS LIST" and "STOP REPLYING FOR GODS SAKE". my new emails hit 30,000 in a few minutes.

    the entire NG email system was down for more than a day.

    two days later i got called into my boss's office and he explained that top-tier management at NG had demanded that i be fired. my "oh no not again" was the last email most people saw before the system exploded. a very heated conversation between my supervisors and NG executives apparently just barely saved my job, but my supervisors were not pleased either and mentioned this would go on my permanent record (i thought that was just a high school thing). it didn't matter that i didn't actually do anything to cause the crash. i had merely made myself visible at the wrong time, and NG wanted someone's head.

    so glad i don't work there now.

    • Probably because the CTO knew that it is his head that should roll since the email system that allowed such fuckery happened on his watch.

      Got to find a low level scapegoat.

    • Back in I think 1996, when I was in the Air Force, a contractor sent to everybody on base the dancing baby animation. I think it was several megabytes in size. Nobody even had to reply to it for the mail system to crash.

      • yeah, when i was at Vicenza, Italy in the US Army around this time we did the same thing. only we did it on purpose to try to crash the email system

    • this is why i simply ignore these emails

      a lot simpler than getting outraged and emailing everyone to be taken off

  • And only a small division with a thousand or so employees.

    There had to be threats of discipline from upper management to get it to stop.

  • It could be worse (Score:5, Informative)

    by rickb928 ( 945187 ) on Monday November 14, 2016 @11:12AM (#53281509) Homepage Journal

    I get an email for a division-wide thing.

    I get a copy from my VP's admin, specifically targeting my team in case we weren't on the original distribution list.

    I get a copy of this from my manager, since he doesn't want me to miss this.

    I also get a copy of the original from a corporate level special interest group I'm part of.

    Then I get a copy from a former team member. Just in case I was left of their distribution, since they left our team but believe they may be getting team emails that current team members are not.

    And a copy from their manager, with a note to be sure the distribution list I cannot administer is properly updated to get these mails from the list they should not be and indeed are not part of. Just in case.

    Then I get a copy from an interested team leader who wants to make sure we are in the loop.

    And another from their #1 team member, who looks out for us.

    And finally my cubicle mate leans over and tell me 'hey, did you get the email from......'

    And so I have a 14GB .OST that i cannot backup locally due to GPO. and i get warnings occasionally that my file will be groomed back to an unspecified maximum size. Some day, real soon now. Right after they encrypt my files for no apparent reason, in accordance with some policy I cannot get a copy of.

    I'm not bitter, really. I feel for the corporate security and cloud services guys. They can't fix stupid.

  • I'm curious what email client they use at the DHS. I feel like Gmail or Outlook would totally explode if you tried cc-ing 1.2M people.
  • There is no earthly reason why everyone should be allowed to send emails with 1.2 million recipients. Any email with more than some reasonable number (say maybe 100ish? Certainly not more that 1000 even with that big if an org) should not be allowed to be sent except from a very small list of authorized users.

    Unless of course management caught a bad case of the dumbass and forced the admins to leave that setting on. In which case the managers should be fired.
  • by rossdee ( 243626 ) on Monday November 14, 2016 @11:39AM (#53281829)

    If /. was a British site I would assume the UK Govt health service, but its American, and the first thing that came up when I googled was National Honor Society
    Theres also quite a few schools using that TLA and the National Highway System

    • by asylumx ( 881307 )
      Did you google that before bothering to read the second sentence of the summary?

      A "test" email was accidentally sent to everyone who works at the UK health service...

  • by Bugler412 ( 2610815 ) on Monday November 14, 2016 @12:03PM (#53282095)
    If you allow your large distribution lists to be used by all, you are handing your own users a loaded weapon with a round chambered. You'd think professional email sysadmins would know this, sigh
  • by tommeke100 ( 755660 ) on Monday November 14, 2016 @12:44PM (#53282479)
    Back in the 90s I was in college and the CS department implemented some mailing-lists per course and one for the whole department (this was on a Unix server). Someone was smart enough to subscribe the mailing-list to itself (and they didn't saw it coming). He successfully mail bombed all the accounts in the department and crashed the server :). Evidently the CS department was not amused, proclaiming they would certainly find the prankster but back in those days you could just probably have done this by telnet-ting the smtp server so nope ...

    Another classic in big companies (and has happened several times at one I worked for) is people trying to send an e-mail to a department in the company like HR, finding a list named something like "HR_Dallas" in the global address listing not knowing this is not the HR Dallas department but rather the list that sends an e-mail to all Dallas employees. Yep, you just send your private confidential mail to all the employees :-)