CPNI - Centre for the Protection of National Infrastructure

October 2005

Bulk E-mail Created By Microsoft Small Business Server 2003 Error

ID: 00961
Ref: 899/05
Date: 28 October 2005:16:39:23
Version: 1

Title: Bulk E-mail Created By Microsoft Small Business Server 2003 Error
Abstract:
Vendors affected: Microsoft
Operating systems affected: Microsoft
Applications affected: Microsoft


Title
=====
Bulk E-mail Created By Microsoft Small Business Server 2003 Error


Detail
======

UNIRAS have received reports of incidents in which significant numbers of identical
e-mails are received by various recipients. The reports all have the following
common pattern: an organisation sends out a legitimate e-mail (such as a newsletter)
with a very large number of recipients in the "to" or "cc" field; the e-mail is
then received by each recipient many times, in some cases effectively causing a
denial-of-service on their e-mail account.

In the incidents that have been reported, the cause of the problem has been found
to be an error in Microsoft Small Business Server 2003. If a server computer has
difficulty processing a very large recipient list, the error causes the server to
re-send the e-mail many times.

It should be noted that the problematic server may be owned by one of the e-mail
recipients. It is not necessarily a server owned by the sender of the e-mail. The
source of the multiple copies can be found by examining the full e-mail header.

The following Microsoft Knowledge Base article explains the cause of the problem
and has a link to a patch that prevents a server re-sending an e-mail in this way.

http://support.microsoft.com/?kbid=835734

Readers may also wish to note that the problem can be avoided by using the
"bcc" field when sending an e-mail, as hiding the e-mail addresses prevents
them being used in the re-send.

