2006-01-12, 10:39 PM
Hello all,
I just got surprised by something kick-starting the password-reset routine on my board. I have a board with almost 20,000 registered people (which I mass-registered from another database). However not all these records have an email. Just an hour ago I found out that my email-box was filling with some 5,000 bounced emails (due to lack of recipient-address). These messages were the password-reset messages for real users in my system.
Now my guess is that someone tried to use the resetpassword-function in the system, got an error that threw the whole system in a loop to go through every single account in the system......then again..it stopped after 5,000 records.....but this could also be the server killing it for taking too much time/resources..
Now I need help.
I would like to make sure this doesn't happen again.
I would like to for example make sure that the system won't even try to send any messages to a user that doesn't have an email in the system. (Yes I know this is not supposed to happen anyway as email is a prerequisite for registration....but in my case it wasn't due to the need for migrating users in from another system).
I would also like to find out what caused this to happen in the first place and how can I prevent it from happening again.
cheers,
Kimmo
I just got surprised by something kick-starting the password-reset routine on my board. I have a board with almost 20,000 registered people (which I mass-registered from another database). However not all these records have an email. Just an hour ago I found out that my email-box was filling with some 5,000 bounced emails (due to lack of recipient-address). These messages were the password-reset messages for real users in my system.
Now my guess is that someone tried to use the resetpassword-function in the system, got an error that threw the whole system in a loop to go through every single account in the system......then again..it stopped after 5,000 records.....but this could also be the server killing it for taking too much time/resources..
Now I need help.
I would like to make sure this doesn't happen again.
I would like to for example make sure that the system won't even try to send any messages to a user that doesn't have an email in the system. (Yes I know this is not supposed to happen anyway as email is a prerequisite for registration....but in my case it wasn't due to the need for migrating users in from another system).
I would also like to find out what caused this to happen in the first place and how can I prevent it from happening again.
cheers,
Kimmo