The Canadian Broadcasting Corporation reports:
A Halifax [Nova Scotia] man is facing the daunting task of going through almost two decades of email messages after his email provider served notice it was deactivating his account in 30 days because of his email address: noreply@eastlink.ca
"I had it since the late '90s, probably 1998 when I really started getting online," Steve Morshead told CBC News.
"I asked for it, it was available and they gave it to me without hesitation."
He said he picked the handle "noreply" because he wanted an unusual address--and back in the '90s, it was.
Morshead never expected to lose his email address, which he uses for communicating with everyone from friends to banks to lawyers. He is in the process of selling his home and says this couldn't come at a worse time.
[...] "Now, after all these years, 20 years almost, I find it reprehensible they want to pop out of bushes and just give me 30 days to go through 20 years worth of emails and decide what I want to keep," he said.
[...] Morshead did ask the company to transfer the contents from the existing email account to a new one but they said no.
"Just flat no. No offers of help. Just the bullying that 'We're going to do it, you're going to take it. That's it.'"
Also at The Inquirer.
(Score: 2) by ikanreed on Thursday July 06 2017, @07:58PM (6 children)
It's a de facto standard, but has any standards agency, any at all, made it an official standard that mail to user noreply should be disregarded?
I guess what I'm asking is: if they want to seize it so they can send noreply emails, can't they just use donotreply@theirstupiddomain.gofuckyourself?
(Score: 2) by MrGuy on Thursday July 06 2017, @08:44PM
I suspect the concern would be more that someone could use an address like this to spoof official-looking emails, rather than not being able to find an alternate e-mail for the administrator to use.
For example, if I had the email address "updates@foo.bar," and sent an e-mail to various addresses @foo.bar with a message like "We're changing to a new billing system. Please log in to the following site and give it your credit card details..." Some people might be fooled (reasonably) into thinking the fact that the email came from an "official looking" address to mean the email was legit. Sure, you could trace such activity back to the sender, so doing this from your own owned email address might not be a winning play. But if that account gets compromised the same "bad activity" can happen.
If I own a domain, I'd prefer that users weren't able to have e-mail addresses that looked "sufficiently official." 20 years ago, the conventions on sending official email were still forming, so you can see why a provider might have allowed something then that they might not allow today.
That said, to me the issue is the provider giving a hard 30 day termination. This can't be a problem that affects many people, so working with a long-time customer to migrate less painfully would seem like more of a classy move than just terminating the account (and possibly allow you to keep a customer you'd likely lose otherwise). Might be worth a call to your provider to discuss over just complaining online...
Though my suspicion is someone just discovered regular expressions, and did a sweep for any address that looked like a rude word, racial epithet, or spam/phishing account, then put them all on a "terminate" list without considering any individual circumstances.
(Score: 4, Informative) by butthurt on Thursday July 06 2017, @09:11PM (4 children)
RFC 2142 (http://www.faqs.org/rfcs/rfc2142.html [faqs.org]) enumerates standard mailbox names (I've put these into alphabetical order):
The most important and universal are ABUSE and HOSTMASTER; POSTMASTER is "required" for domains that send mail. It doesn't mention "noreply". I think that is, as you say, a de facto standard.
I dislike the practice of sending out e-mails without reading the replies. It's disempowering to the recipients, especially when they want to stop receiving the messages. RFC 2142 says:
The "distribution lists" referred to in the passage are, if I'm not mistaken, also commonly known as "newsletters", for which "noreply" (I've observed) is often used. Hence I argue that such use of "noreply" violates RFC 2142.
(Score: 2) by FatPhil on Friday July 07 2017, @07:58AM (3 children)
The real WTF is the company giving customers email addresses in the same namespace as ones that they would want to reserve for themselves. Clearly separate them and us, and you never need to care what they do.
Great minds discuss ideas; average minds discuss events; small minds discuss people; the smallest discuss themselves
(Score: 2) by MrGuy on Friday July 07 2017, @03:01PM (1 child)
How's working at Microsoft treating you? :)
(Score: 2) by FatPhil on Saturday July 08 2017, @08:37AM
Of course, that measures installations, and some installations (such as google) are larger than others (such as my home server).
Great minds discuss ideas; average minds discuss events; small minds discuss people; the smallest discuss themselves
(Score: 2) by butthurt on Saturday July 08 2017, @08:16PM
> As someone who works for the company that makes the single most popular, and most standards compliant, mail server in the world
Congratulations!
> there's nothing about noreply that in any way violates even the spirit of 2142.
The spirit of the RFC, I'd say, is that when one has a domain name, or provides services over the Internet, one should be reachable via e-mail. A "noreply" address implies that messages will be ignored. That can obviously be used in a way that violates the RFC. I didn't say that "noreply" is always a violation. What I tried to say was that if a "noreply" address is used in place of a "list-request" address for a distribution list, that is a violation of the RFC. Are you disagreeing with that? If so, why?
Without anticipating that noreply@example.com would be something you'd want to reserve, how would you do that? The way that comes to mind is to have an invariant string in the user part of e-mail addresses, like customer_foo@example.com, customer_bar@example.com and so on. That's not a common practice.