Stories
Slash Boxes
Comments

SoylentNews is people

posted by Fnord666 on Thursday July 06 2017, @06:43PM   Printer-friendly
from the retroactive-decisions dept.

The Canadian Broadcasting Corporation reports:

A Halifax [Nova Scotia] man is facing the daunting task of going through almost two decades of email messages after his email provider served notice it was deactivating his account in 30 days because of his email address: noreply@eastlink.ca

"I had it since the late '90s, probably 1998 when I really started getting online," Steve Morshead told CBC News.

"I asked for it, it was available and they gave it to me without hesitation."

He said he picked the handle "noreply" because he wanted an unusual address--and back in the '90s, it was.

Morshead never expected to lose his email address, which he uses for communicating with everyone from friends to banks to lawyers. He is in the process of selling his home and says this couldn't come at a worse time.

[...] "Now, after all these years, 20 years almost, I find it reprehensible they want to pop out of bushes and just give me 30 days to go through 20 years worth of emails and decide what I want to keep," he said.

[...] Morshead did ask the company to transfer the contents from the existing email account to a new one but they said no.

"Just flat no. No offers of help. Just the bullying that 'We're going to do it, you're going to take it. That's it.'"

Also at The Inquirer.


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 2) by ikanreed on Thursday July 06 2017, @07:58PM (6 children)

    by ikanreed (3164) Subscriber Badge on Thursday July 06 2017, @07:58PM (#535845) Journal

    It's a de facto standard, but has any standards agency, any at all, made it an official standard that mail to user noreply should be disregarded?

    I guess what I'm asking is: if they want to seize it so they can send noreply emails, can't they just use donotreply@theirstupiddomain.gofuckyourself?

    Starting Score:    1  point
    Karma-Bonus Modifier   +1  

    Total Score:   2  
  • (Score: 2) by MrGuy on Thursday July 06 2017, @08:44PM

    by MrGuy (1007) on Thursday July 06 2017, @08:44PM (#535860)

    I suspect the concern would be more that someone could use an address like this to spoof official-looking emails, rather than not being able to find an alternate e-mail for the administrator to use.

    For example, if I had the email address "updates@foo.bar," and sent an e-mail to various addresses @foo.bar with a message like "We're changing to a new billing system. Please log in to the following site and give it your credit card details..." Some people might be fooled (reasonably) into thinking the fact that the email came from an "official looking" address to mean the email was legit. Sure, you could trace such activity back to the sender, so doing this from your own owned email address might not be a winning play. But if that account gets compromised the same "bad activity" can happen.

    If I own a domain, I'd prefer that users weren't able to have e-mail addresses that looked "sufficiently official." 20 years ago, the conventions on sending official email were still forming, so you can see why a provider might have allowed something then that they might not allow today.

    That said, to me the issue is the provider giving a hard 30 day termination. This can't be a problem that affects many people, so working with a long-time customer to migrate less painfully would seem like more of a classy move than just terminating the account (and possibly allow you to keep a customer you'd likely lose otherwise). Might be worth a call to your provider to discuss over just complaining online...

    Though my suspicion is someone just discovered regular expressions, and did a sweep for any address that looked like a rude word, racial epithet, or spam/phishing account, then put them all on a "terminate" list without considering any individual circumstances.

  • (Score: 4, Informative) by butthurt on Thursday July 06 2017, @09:11PM (4 children)

    by butthurt (6141) on Thursday July 06 2017, @09:11PM (#535875) Journal

    RFC 2142 (http://www.faqs.org/rfcs/rfc2142.html [faqs.org]) enumerates standard mailbox names (I've put these into alphabetical order):

    ABUSE
    FTP
    HOSTMASTER
    INFO
    MAILBOX
    MARKETING
    NETWORK
    NEWS
    NOC
    POSTMASTER
    SALES
    SECURITY
    SUPPORT
    USENET
    UUCP
    WEBMASTER
    WWW

    The most important and universal are ABUSE and HOSTMASTER; POSTMASTER is "required" for domains that send mail. It doesn't mention "noreply". I think that is, as you say, a de facto standard.

    I dislike the practice of sending out e-mails without reading the replies. It's disempowering to the recipients, especially when they want to stop receiving the messages. RFC 2142 says:

    Mailing lists have an administrative mailbox name to which add/drop requests and other meta-queries can be sent.

    For a mailing list whose submission mailbox name is:

    there MUST be the administrative mailbox name:

    Distribution List management software, such as MajorDomo and Listserv, also have a single mailbox name associated with the software on that system -- usually the name of the software -- rather than a particular list on that system. Use of such mailbox names requires participants to know the type of list software employed at the site. This is problematic. Consequently:

                LIST-SPECIFIC (-REQUEST) MAILBOX NAMES ARE REQUIRED,
                INDEPENDENT OF THE AVAILABILITY OF GENERIC LIST SOFTWARE
                MAILBOX NAMES.

    The "distribution lists" referred to in the passage are, if I'm not mistaken, also commonly known as "newsletters", for which "noreply" (I've observed) is often used. Hence I argue that such use of "noreply" violates RFC 2142.

    • (Score: 2) by FatPhil on Friday July 07 2017, @07:58AM (3 children)

      by FatPhil (863) <pc-soylentNO@SPAMasdf.fi> on Friday July 07 2017, @07:58AM (#536033) Homepage
      As someone who works for the company that makes the single most popular, and most standards compliant, mail server in the world - there's nothing about noreply that in any way violates even the spirit of 2142.

      The real WTF is the company giving customers email addresses in the same namespace as ones that they would want to reserve for themselves. Clearly separate them and us, and you never need to care what they do.
      --
      Great minds discuss ideas; average minds discuss events; small minds discuss people; the smallest discuss themselves
      • (Score: 2) by MrGuy on Friday July 07 2017, @03:01PM (1 child)

        by MrGuy (1007) on Friday July 07 2017, @03:01PM (#536131)

        As someone who works for the company that makes the single most popular, and most standards compliant, mail server in the world

        How's working at Microsoft treating you? :)

        • (Score: 2) by FatPhil on Saturday July 08 2017, @08:37AM

          by FatPhil (863) <pc-soylentNO@SPAMasdf.fi> on Saturday July 08 2017, @08:37AM (#536473) Homepage
          MS barely registers as a blip on the chart: http://openemailsurvey.org/
          Of course, that measures installations, and some installations (such as google) are larger than others (such as my home server).
          --
          Great minds discuss ideas; average minds discuss events; small minds discuss people; the smallest discuss themselves
      • (Score: 2) by butthurt on Saturday July 08 2017, @08:16PM

        by butthurt (6141) on Saturday July 08 2017, @08:16PM (#536628) Journal

        > As someone who works for the company that makes the single most popular, and most standards compliant, mail server in the world

        Congratulations!

        > there's nothing about noreply that in any way violates even the spirit of 2142.

        The spirit of the RFC, I'd say, is that when one has a domain name, or provides services over the Internet, one should be reachable via e-mail. A "noreply" address implies that messages will be ignored. That can obviously be used in a way that violates the RFC. I didn't say that "noreply" is always a violation. What I tried to say was that if a "noreply" address is used in place of a "list-request" address for a distribution list, that is a violation of the RFC. Are you disagreeing with that? If so, why?

        The real WTF is the company giving customers email addresses in the same namespace as ones that they would want to reserve for themselves. Clearly separate them and us, and you never need to care what they do.

        Without anticipating that noreply@example.com would be something you'd want to reserve, how would you do that? The way that comes to mind is to have an invariant string in the user part of e-mail addresses, like customer_foo@example.com, customer_bar@example.com and so on. That's not a common practice.