Re: mail storm

[Albert-Lunde () nwu edu (Albert Lunde)]

> Imagine a hacker really doesn't like someone, and is willing to do
> something disruptive to a lot of other people to spite that one person.
> Or imagine that they just want to do something very disruptive.
>
> Imagine the hacker picks 2n mailing lists, subscribing the i'th to the

I've seen this played out on a smaller scale on several lists,
when a bogus auto-reply program, or an exceptionally dumb person,
replied to the list to every message, including a copy of the
previous message in each reply.

This resulted in an exponential growth, though perhaps at a slower
rate than the scheme you outline.

It did put the list in question out of production for up to several days,
till a list admin had time to notice and fix it.

In practice, there did seem in every case to be some (annoyingly large)
maximum volume/per hour beyond which the lists would not run, so
exponential growth only went till saturation was reached. But
I suppose the combination of several out-of-control lists
could bombard one mailbox much faster.

I don't think it is more dangerous than an assortment of other denial
of service attacks, but this doesn't mean we are "safe".