What is a reply all “email storm” and how can you prevent it?

What is a reply all “email storm” and how can you prevent it?

In 2016 the UK’s National Health Service (NHS) experienced an email storm that crashed their email system and resulted in snowball effect of 168 million emails being sent in a short period of time.

The cause? A new IT contractor for the company sent out a test email company-wide (the NHS employs 1.2 million people and 840 thousand of them received the test email). Many of them replied to it, wondering why they were receiving such an email using the “reply all” function and it snowballed from there into an email chain of epic proportions, an email storm.

This email storm crashed their system and angered their employees. What they may not have known is that email storms have been occurring practically since email became the de facto method of communication for businesses around the world. The first one reported by major news and nicknamed “Bedlam” experienced by Microsoft occurred in 1997 resulted in 23 million emails sent in 7 hours, much less than the one experienced by the NHS but the amount of data generated by that storm (an estimated 295 gigabytes) was significant for the time period and the event was highly disruptive.

Email storms have even hit US government entities like the state department and NASA, the latter of which practically led to the re-institution of the Cybersecurity and Infrastructure Security Agency (CISA) after it’s funding was cut by DOGE.

So, you may be wondering, what does this have to do with you and your business? Well hopefully we’ve made it clear that email storms can happen to anyone, really at any time, and that they’re highly disruptive. The data generated by large email storms is not significantly different than the data generated by DDoS (Dedicated Denial of Service) attacks although it’s almost always an unintentional consequence of an employee or contractor sending a simple email company wide. What can you do as a business owner to prevent this from happening?

  1. Limit "Reply All" Permissions
  • What to do: Use email settings to restrict who can use the “Reply All” function, especially in large distribution lists.
  • Why it helps: Prevents unnecessary mass replies that trigger storms, especially when someone replies to hundreds or thousands of recipients.
  1. Use BCC for Large Email Lists
  • What to do: Add recipients to the BCC (blind carbon copy) field instead of the “To” or “CC” fields.
  • Why it helps: If people can’t see who else received the email, they can't reply to everyone, avoiding the risk of a chain reaction.
  1. Implement Group Email Safeguards
  • What to do: Configure email servers (like Microsoft Exchange or Google Workspace) to throttle or block emails sent to large groups when too many replies occur in a short time.
  • Why it helps: Automated tools can detect a storm and shut it down before it escalates.

While these common sense strategies can be enacted by anyone, managing email is a tricky topic overall. From setup to protections against spam or phishing, having a technology provider like Valley Techlogic can help you strategically create email policies that work and keep your business safe. Learn more today through a consultation.

Looking for more to read? We suggest these other articles from our site.

This article was powered by Valley Techlogic, leading provider of trouble free IT services for businesses in California including Merced, Fresno, Stockton & More. You can find more information at https://www.valleytechlogic.com/ or on Facebook at https://www.facebook.com/valleytechlogic/ . Follow us on X at https://x.com/valleytechlogic and LinkedIn at https://www.linkedin.com/company/valley-techlogic-inc/.