issuhub.com

ugh.book

(singke) #1 
Apple Computer’s Mail Disaster of 1991 85

For example, before sendmail will accept a message (by returning

exit status or sending a response code) it insures that all information

needed to deliver that message is forced out to the disk. In this way,

sendmail^ has “accepted responsibility” for delivery of the message

(or notification of failure). If the message is lost prior to acceptance,

it is the “fault” of the sender; if lost after acceptance, it is the “fault”

of the receiving sendmail.

This algorithm implies that a window exists where both sender and

receiver believe that they are “responsible” for this message. If a

failure occurs during this window then two copies of the message

will be delivered. This is normally not a catastrophic event, and is far

superior to losing a message.

This design choice to deliver two copies of a message rather than none at
all might indeed be far superior in most circumstances. Certainly, lost mail
is a bad thing. On the other hand, techniques for guaranteeing synchronous,
atomic operations, even for processes running on two separate computers,
were known and understood in 1983 when sendmail was written.


Date: Thu, 09 May 91 23:26:50 -0700

From: “Erik E. Fair”^6 (Your Friendly Postmaster) <[email protected]>

To: [email protected], [email protected], [...]

Subject: Case of the Replicated Errors:

An Internet Postmaster’s Horror Story

This Is The Network: The Apple Engineering Network.

The Apple Engineering Network has about 100 IP subnets, 224

AppleTalk zones, and over 600 AppleTalk networks. It stretches

from Tokyo, Japan, to Paris, France, with half a dozen locations in

the U.S., and 40 buildings in the Silicon Valley. It is interconnected

with the Internet in three places: two in the Silicon Valley, and one in

Boston. It supports almost 10,000 users every day.

When things go wrong with e-mail on this network, it’s my problem.

My name is Fair. I carry a badge.

(^6) Erik Fair graciously gave us permission to reprint this message which appeared on
the TCP-IP, UNICODE, and RISKS mailing lists, although he added: “I am not on
the UNIX-HATERS mailing list. I have never sent anything there personally. I do
not hate Unix; I just hate USL, Sun, HP, and all the other vendors who have made
Unix FUBAR.”

Free download pdf
Get our desktop app
Company
Features
Documentation
Resources
© ISSUHUB. 2024. All rights reserved.