Tue Mar 25, 2008 6:08PM EDT
If you wanted to send an email but didn't want the recipient to be able to reply to it, what might you do? Well, if you're like thousands of automated emailing systems, you'd probably use a phony from: or reply-to: email address, like "admin@donotreply.com" to alert the recipient not to send a reply. And if you were like millions of people you'd probably just go ahead and reply anyway.
Such is the predicament that Chet Faliszek has found himself in, per a great story in the Washington Post: You see, Faliszek owns donotreply.com, and when other emailers use that domain as a reply-to address in messages they send, they don't consider that a) the domain may actually be in use and b) people might actually send replies to it despite being told not to do so.
How big a problem is it? Faliszek says he now gets millions of emails a week, many of which are filled with sensitive material intended for financial institutions or government agencies. Capital One has used a phony "donotreply.com" email to send account information to its customers; when they reply, their information goes to Faliszek. An engineering company uses such reply-free accounts for information about personnel and equipment deployed in Iraq. The intent is always harmless, as automated messages sent by a machine aren't supposed to merit a reply, but that doesn't mean using a phony email account for the from: field is the smart way to do it.
Faliszek used to alert companies about the bigger problems, but he stopped doing so after they, failing to understand that they'd screwed up, not him, threatened lawsuits and accused him of being a hacker so many times he simply just gave up. Now he runs a blog publicly shaming these lazy companies into getting their act together. If they want to be removed from the blog, the companies have to make a donation to an animal care society. (He's raised about $5,000 this way so far.)
In other news, many email administrators use "null@whateverdomain.com" as a dummy account for do-not-reply emails as well. Well, I'm living proof that that's a bad idea, too, regularly getting "test" messages and dummy missives not intended for human eyes. But I feel even more sorry for those of you named Nobody.
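A pre-send check for the mistake described above, as an added example that is not part of the original article: it flags From:, Reply-To:, Sender: and Return-Path: addresses whose domain is neither controlled by the sender nor reserved by RFC 2606. The domain `mybank.example` is a placeholder for the sender's own domain, and the sample message is constructed.

```python
from email import message_from_string
from email.utils import getaddresses

# Names reserved by RFC 2606: nobody else can register them.
RESERVED_TLDS = {"test", "example", "invalid", "localhost"}
RESERVED_SLDS = {"example.com", "example.net", "example.org"}

# Assumption: placeholder for the domains the sending organization controls.
OWNED = {"mybank.example"}

# Constructed sample of an automated notification.
SAMPLE = "\n".join([
    'From: "Account Services" <admin@donotreply.com>',
    "Reply-To: noreply@mail.mybank.example",
    "Return-Path: <bounce@example.com>",
    "Subject: Your statement is ready",
    "",
    "This is an automated message. Please do not reply.",
])

def classify(domain, owned):
    """Return 'owned', 'reserved' (RFC 2606) or 'foreign' for a mail domain."""
    d = domain.lower().rstrip(".")
    if any(d == o or d.endswith("." + o) for o in owned):
        return "owned"
    labels = d.split(".")
    if labels[-1] in RESERVED_TLDS or ".".join(labels[-2:]) in RESERVED_SLDS:
        return "reserved"
    return "foreign"  # replies go to whoever holds this domain

def audit(raw_message, owned):
    """List (header, address, verdict) for every reply target not owned."""
    msg = message_from_string(raw_message)
    findings = []
    for header in ("From", "Reply-To", "Sender", "Return-Path"):
        for _name, addr in getaddresses(msg.get_all(header, [])):
            if "@" not in addr:
                continue
            verdict = classify(addr.rpartition("@")[2], owned)
            if verdict != "owned":
                findings.append((header, addr, verdict))
    return findings

if __name__ == "__main__":
    for header, addr, verdict in audit(SAMPLE, OWNED):
        print(f"{header}: {addr} -> {verdict}")
```

A "foreign" verdict means replies and bounces are delivered to whoever holds that domain; a "reserved" address cannot leak to a third party but is undeliverable.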
Join in the discussion. Here you'll see the comments in the order they were posted.
This is a result of people not knowing their job. Read RFC 2606, people.
Personally I'm glad my name isn't Test!
Why would Americans read an RFC? It's too technical for them. Great response though brianiacus. Here's a link for people who do not know what brian is talking about: http://www.ietf.org/rfc/rfc2606.txt
My employer has a domain like this; it is a losing battle.
1 Posted by rogueist on Wed Mar 26, 2008 5:44AM EDT
LOL! Hysterical!