Re: Idea for a protection against massive notifications ?
Thank you guys, creating users named 0, 1, etc is a great trick, I will try that. I also posted a small dev idea on Communities which might be complementary. On Fri, May 31, 2013 at 7:57 PM, David Durling durl...@uga.edu wrote: ** If there are other characters that can cause the issue, perhaps validating the email field on the form minimally with a filter, something like 'Your Email Field' LIKE %_@_%._% would help I think. ** ** By the way, maybe I was wrong about the filter on the AR System Email Messages form – it might not see the 0 anyway at that point. ** ** David D. ** ** ** ** *From:* Action Request System discussion list(ARSList) [mailto: arslist@ARSLIST.ORG] *On Behalf Of *Tanner, Doug *Sent:* Friday, May 31, 2013 1:41 PM *To:* arslist@ARSLIST.ORG *Subject:* Re: Idea for a protection against massive notifications ? ** ** ** I have seen a * do it as well. Doug ** ** *From:* Action Request System discussion list(ARSList) [ mailto:arslist@ARSLIST.ORG arslist@ARSLIST.ORG] *On Behalf Of *David Durling *Sent:* Friday, May 31, 2013 1:12 PM *To:* arslist@ARSLIST.ORG *Subject:* Re: Idea for a protection against massive notifications ? ** ** ** Sylvain, ** ** Approaches mentioned in the past have included making a user record named 0 (that’s a zero) so it’s notified rather than the Public group, or I believe putting a filter on the AR System Email Messages form to throw an error on submit. ** ** Someone on this old post even mentions 00 could be interpreted as Public: search for “WARNING OF BAD AS DESIGNED FEATURE IN ITSM - zero in internet email field for person is not good.” ** ** David Durling University of Georgia ** ** ** ** *From:* Action Request System discussion list(ARSList) [ mailto:arslist@ARSLIST.ORG arslist@ARSLIST.ORG] *On Behalf Of *Sylvain YVON *Sent:* Friday, May 31, 2013 3:36 AM *To:* arslist@ARSLIST.ORG *Subject:* Idea for a protection against massive notifications ? ** ** ** Hello all, I'm coming to you after a rather big incident on my client's production server. Some filters create a list of users to notify of a certain action. It then removes the current user's login name from the list. Anyhow, there was a bug in the list that left a trailing 0 after the name of one user. When a few days ago he triggered a notification, the list had a 0 in it. Which is the id of the Public group. So our server started to send an email to 160k+ users. Thanks to a full tablespace, only 36k emails where sent.*** * The bug itself is corrected, but my client would like us to find a definitive protection against this kind of problems. The only thing I can think of for now, is having a script that would watch the AR System Email Messages. If it has more than X outbound email to send, then interrupt Email Engine. I don't even know how I could do that in a clean way. Any thoughts ? Versions : AR System 7.5 p6 RHEL 5 Oracle 11g _ARSlist: Where the Answers Are and have been for 20 years_ _ARSlist: Where the Answers Are and have been for 20 years_ This email is subject to certain disclaimers, which may be reviewed via the following link. http://compass-usa.com/Pages/Disclaimer.aspx _ARSlist: Where the Answers Are and have been for 20 years_ _ARSlist: Where the Answers Are and have been for 20 years_ ___ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org Where the Answers Are, and have been for 20 years
Re: Idea for a protection against massive notifications ?
I replied to the Communities post with why this works. Jason On Sat, Jun 1, 2013 at 10:04 AM, Sylvain YVON sylvain.y...@gmail.comwrote: ** Thank you guys, creating users named 0, 1, etc is a great trick, I will try that. I also posted a small dev idea on Communities which might be complementary. On Fri, May 31, 2013 at 7:57 PM, David Durling durl...@uga.edu wrote: ** If there are other characters that can cause the issue, perhaps validating the email field on the form minimally with a filter, something like 'Your Email Field' LIKE %_@_%._% would help I think. ** ** By the way, maybe I was wrong about the filter on the AR System Email Messages form – it might not see the 0 anyway at that point. ** ** David D. ** ** ** ** *From:* Action Request System discussion list(ARSList) [mailto: arslist@ARSLIST.ORG] *On Behalf Of *Tanner, Doug *Sent:* Friday, May 31, 2013 1:41 PM *To:* arslist@ARSLIST.ORG *Subject:* Re: Idea for a protection against massive notifications ? ** ** ** I have seen a * do it as well. Doug ** ** *From:* Action Request System discussion list(ARSList) [ mailto:arslist@ARSLIST.ORG arslist@ARSLIST.ORG] *On Behalf Of *David Durling *Sent:* Friday, May 31, 2013 1:12 PM *To:* arslist@ARSLIST.ORG *Subject:* Re: Idea for a protection against massive notifications ? ** ** ** Sylvain, ** ** Approaches mentioned in the past have included making a user record named 0 (that’s a zero) so it’s notified rather than the Public group, or I believe putting a filter on the AR System Email Messages form to throw an error on submit. ** ** Someone on this old post even mentions 00 could be interpreted as Public: search for “WARNING OF BAD AS DESIGNED FEATURE IN ITSM - zero in internet email field for person is not good.” ** ** David Durling University of Georgia ** ** ** ** *From:* Action Request System discussion list(ARSList) [ mailto:arslist@ARSLIST.ORG arslist@ARSLIST.ORG] *On Behalf Of *Sylvain YVON *Sent:* Friday, May 31, 2013 3:36 AM *To:* arslist@ARSLIST.ORG *Subject:* Idea for a protection against massive notifications ? ** ** ** Hello all, I'm coming to you after a rather big incident on my client's production server. Some filters create a list of users to notify of a certain action. It then removes the current user's login name from the list. Anyhow, there was a bug in the list that left a trailing 0 after the name of one user. When a few days ago he triggered a notification, the list had a 0 in it. Which is the id of the Public group. So our server started to send an email to 160k+ users. Thanks to a full tablespace, only 36k emails where sent.** ** The bug itself is corrected, but my client would like us to find a definitive protection against this kind of problems. The only thing I can think of for now, is having a script that would watch the AR System Email Messages. If it has more than X outbound email to send, then interrupt Email Engine. I don't even know how I could do that in a clean way. Any thoughts ? Versions : AR System 7.5 p6 RHEL 5 Oracle 11g _ARSlist: Where the Answers Are and have been for 20 years_ _ARSlist: Where the Answers Are and have been for 20 years_ This email is subject to certain disclaimers, which may be reviewed via the following link. http://compass-usa.com/Pages/Disclaimer.aspx _ARSlist: Where the Answers Are and have been for 20 years_ _ARSlist: Where the Answers Are and have been for 20 years_ _ARSlist: Where the Answers Are and have been for 20 years_ ___ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org Where the Answers Are, and have been for 20 years
Idea for a protection against massive notifications ?
Hello all, I'm coming to you after a rather big incident on my client's production server. Some filters create a list of users to notify of a certain action. It then removes the current user's login name from the list. Anyhow, there was a bug in the list that left a trailing 0 after the name of one user. When a few days ago he triggered a notification, the list had a 0 in it. Which is the id of the Public group. So our server started to send an email to 160k+ users. Thanks to a full tablespace, only 36k emails where sent. The bug itself is corrected, but my client would like us to find a definitive protection against this kind of problems. The only thing I can think of for now, is having a script that would watch the AR System Email Messages. If it has more than X outbound email to send, then interrupt Email Engine. I don't even know how I could do that in a clean way. Any thoughts ? Versions : AR System 7.5 p6 RHEL 5 Oracle 11g ___ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org Where the Answers Are, and have been for 20 years
Re: Idea for a protection against massive notifications ?
** I have posted this on Communities also : https://communities.bmc.com/message/326184 But I thought there might be more suggestions on the ARS List with all the veterans here. On Fri, May 31, 2013 at 9:36 AM, Sylvain YVON sylvain.y...@gmail.comwrote: Hello all, I'm coming to you after a rather big incident on my client's production server. Some filters create a list of users to notify of a certain action. It then removes the current user's login name from the list. Anyhow, there was a bug in the list that left a trailing 0 after the name of one user. When a few days ago he triggered a notification, the list had a 0 in it. Which is the id of the Public group. So our server started to send an email to 160k+ users. Thanks to a full tablespace, only 36k emails where sent. The bug itself is corrected, but my client would like us to find a definitive protection against this kind of problems. The only thing I can think of for now, is having a script that would watch the AR System Email Messages. If it has more than X outbound email to send, then interrupt Email Engine. I don't even know how I could do that in a clean way. Any thoughts ? Versions : AR System 7.5 p6 RHEL 5 Oracle 11g ___ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org Where the Answers Are, and have been for 20 years
Re: Idea for a protection against massive notifications ?
Sylvain, Approaches mentioned in the past have included making a user record named 0 (that's a zero) so it's notified rather than the Public group, or I believe putting a filter on the AR System Email Messages form to throw an error on submit. Someone on this old post even mentions 00 could be interpreted as Public: search for WARNING OF BAD AS DESIGNED FEATURE IN ITSM - zero in internet email field for person is not good. David Durling University of Georgia From: Action Request System discussion list(ARSList) [mailto:arslist@ARSLIST.ORG] On Behalf Of Sylvain YVON Sent: Friday, May 31, 2013 3:36 AM To: arslist@ARSLIST.ORG Subject: Idea for a protection against massive notifications ? ** Hello all, I'm coming to you after a rather big incident on my client's production server. Some filters create a list of users to notify of a certain action. It then removes the current user's login name from the list. Anyhow, there was a bug in the list that left a trailing 0 after the name of one user. When a few days ago he triggered a notification, the list had a 0 in it. Which is the id of the Public group. So our server started to send an email to 160k+ users. Thanks to a full tablespace, only 36k emails where sent. The bug itself is corrected, but my client would like us to find a definitive protection against this kind of problems. The only thing I can think of for now, is having a script that would watch the AR System Email Messages. If it has more than X outbound email to send, then interrupt Email Engine. I don't even know how I could do that in a clean way. Any thoughts ? Versions : AR System 7.5 p6 RHEL 5 Oracle 11g _ARSlist: Where the Answers Are and have been for 20 years_ ___ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org Where the Answers Are, and have been for 20 years
Re: Idea for a protection against massive notifications ?
I have seen a * do it as well. Doug From: Action Request System discussion list(ARSList) [mailto:arslist@ARSLIST.ORG] On Behalf Of David Durling Sent: Friday, May 31, 2013 1:12 PM To: arslist@ARSLIST.ORG Subject: Re: Idea for a protection against massive notifications ? ** Sylvain, Approaches mentioned in the past have included making a user record named 0 (that's a zero) so it's notified rather than the Public group, or I believe putting a filter on the AR System Email Messages form to throw an error on submit. Someone on this old post even mentions 00 could be interpreted as Public: search for WARNING OF BAD AS DESIGNED FEATURE IN ITSM - zero in internet email field for person is not good. David Durling University of Georgia From: Action Request System discussion list(ARSList) [mailto:arslist@ARSLIST.ORG] On Behalf Of Sylvain YVON Sent: Friday, May 31, 2013 3:36 AM To: arslist@ARSLIST.ORGmailto:arslist@ARSLIST.ORG Subject: Idea for a protection against massive notifications ? ** Hello all, I'm coming to you after a rather big incident on my client's production server. Some filters create a list of users to notify of a certain action. It then removes the current user's login name from the list. Anyhow, there was a bug in the list that left a trailing 0 after the name of one user. When a few days ago he triggered a notification, the list had a 0 in it. Which is the id of the Public group. So our server started to send an email to 160k+ users. Thanks to a full tablespace, only 36k emails where sent. The bug itself is corrected, but my client would like us to find a definitive protection against this kind of problems. The only thing I can think of for now, is having a script that would watch the AR System Email Messages. If it has more than X outbound email to send, then interrupt Email Engine. I don't even know how I could do that in a clean way. Any thoughts ? Versions : AR System 7.5 p6 RHEL 5 Oracle 11g _ARSlist: Where the Answers Are and have been for 20 years_ _ARSlist: Where the Answers Are and have been for 20 years_ This email is subject to certain disclaimers, which may be reviewed via the following link. http://compass-usa.com/Pages/Disclaimer.aspx ___ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org Where the Answers Are, and have been for 20 years
Re: Idea for a protection against massive notifications ?
If there are other characters that can cause the issue, perhaps validating the email field on the form minimally with a filter, something like 'Your Email Field' LIKE %_@_%._% would help I think. By the way, maybe I was wrong about the filter on the AR System Email Messages form - it might not see the 0 anyway at that point. David D. From: Action Request System discussion list(ARSList) [mailto:arslist@ARSLIST.ORG] On Behalf Of Tanner, Doug Sent: Friday, May 31, 2013 1:41 PM To: arslist@ARSLIST.ORG Subject: Re: Idea for a protection against massive notifications ? ** I have seen a * do it as well. Doug From: Action Request System discussion list(ARSList) [mailto:arslist@ARSLIST.ORG] On Behalf Of David Durling Sent: Friday, May 31, 2013 1:12 PM To: arslist@ARSLIST.ORGmailto:arslist@ARSLIST.ORG Subject: Re: Idea for a protection against massive notifications ? ** Sylvain, Approaches mentioned in the past have included making a user record named 0 (that's a zero) so it's notified rather than the Public group, or I believe putting a filter on the AR System Email Messages form to throw an error on submit. Someone on this old post even mentions 00 could be interpreted as Public: search for WARNING OF BAD AS DESIGNED FEATURE IN ITSM - zero in internet email field for person is not good. David Durling University of Georgia From: Action Request System discussion list(ARSList) [mailto:arslist@ARSLIST.ORG] On Behalf Of Sylvain YVON Sent: Friday, May 31, 2013 3:36 AM To: arslist@ARSLIST.ORGmailto:arslist@ARSLIST.ORG Subject: Idea for a protection against massive notifications ? ** Hello all, I'm coming to you after a rather big incident on my client's production server. Some filters create a list of users to notify of a certain action. It then removes the current user's login name from the list. Anyhow, there was a bug in the list that left a trailing 0 after the name of one user. When a few days ago he triggered a notification, the list had a 0 in it. Which is the id of the Public group. So our server started to send an email to 160k+ users. Thanks to a full tablespace, only 36k emails where sent. The bug itself is corrected, but my client would like us to find a definitive protection against this kind of problems. The only thing I can think of for now, is having a script that would watch the AR System Email Messages. If it has more than X outbound email to send, then interrupt Email Engine. I don't even know how I could do that in a clean way. Any thoughts ? Versions : AR System 7.5 p6 RHEL 5 Oracle 11g _ARSlist: Where the Answers Are and have been for 20 years_ _ARSlist: Where the Answers Are and have been for 20 years_ This email is subject to certain disclaimers, which may be reviewed via the following link. http://compass-usa.com/Pages/Disclaimer.aspx _ARSlist: Where the Answers Are and have been for 20 years_ ___ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org Where the Answers Are, and have been for 20 years