Comments on: what did we tell you

what did we tell you

Armitage Shanks — Wed, 19 Mar 2008 13:46:38 -0800

The owners of the domain donotreply.com get a lot of mail. [via]

By: docpops

docpops — Wed, 19 Mar 2008 13:56:19 -0800

This is unreal.

By: shakespeherian

shakespeherian — Wed, 19 Mar 2008 13:59:34 -0800

I thought this was going to be humorous. Now I think we should shut down the internet for our own good.

By: sonic meat machine

sonic meat machine — Wed, 19 Mar 2008 14:04:54 -0800

Even nominally intelligent people are completely unwilling to put the same amount of effort into being safe on the computer that they are willing to put into being safe "in real life." Online activities have a feeling of the unreal, and most people (even college-educated white collar workers...) don't have a visceral grasp of the risks of insecurity.

By: TheWaves

TheWaves — Wed, 19 Mar 2008 14:05:48 -0800

Very clever. Nice how he donates money to the animals in the process as well.

By: not_on_display

not_on_display — Wed, 19 Mar 2008 14:07:06 -0800

Since homeland security and the TSA actually deal with national freaking security, I am not going to post the information in the emails... Cocktease! Goddamnit! (Still, I'll read the rest. Thanks!)

By: Hicksu

Hicksu — Wed, 19 Mar 2008 14:07:30 -0800

Wow. This is fantastic. I never thought of where all those donotreply responses go. I wonder if this guy also owns missingsock.com?

By: adipocere

adipocere — Wed, 19 Mar 2008 14:08:37 -0800

The September That Never Ended dumbed us down And spam has given my site some renown I heard Outlook chime and gave a sigh But this was the domain of do not reply.

By: googly

googly — Wed, 19 Mar 2008 14:11:33 -0800

Mmmmmm....donots.

By: preparat

preparat — Wed, 19 Mar 2008 14:13:44 -0800

In the distant past, how did we get people to not respond to a letter? I'm sure it wasn't done by asking the recipient to not mail a response to: Nobody is here 100 Main St, Townville, PA USA

By: spiderskull

spiderskull — Wed, 19 Mar 2008 14:21:58 -0800

Crazy. It's a good thing this guy got to the domain first...

By: adipocere

adipocere — Wed, 19 Mar 2008 14:22:45 -0800

Preparat, that's because, for normal people: 1) Snail mail does not come with a button where you can click it and a copy is prepared for you to send back, complete with a place to put angry rants. 2) Snail mail does not come with a different button so you can forward it to all of your friends, so you don't have bad luck for the next three years. 3) Mailboxes don't have an easy "vacation setting" where you can have your mail sent back until such a date, at least without filling out a form. 4) It costs 41 cents (or whatever) to reply.

By: vhsiv

vhsiv — Wed, 19 Mar 2008 14:27:01 -0800

It's a good thing this guy got to the domain first... Honestly, it's just a matter of time now, before Homeland Security or some Corporate Lawyers show up at his place to seize all of his computers and all of the Corporate Intel that he's unlawfully gotten hold of. Trust me.

By: not_on_display

not_on_display — Wed, 19 Mar 2008 14:35:42 -0800

But how did he "unlawfully" get a hold of this info? It seems as if people are sending me stuff unsolicited, I'm not stealing it. (Not that I don't trust you; I'm sure the shelf-life of this site is growing shorter by the moment.)

By: preparat

preparat — Wed, 19 Mar 2008 14:38:15 -0800

adipocere - points taken. My issue is not with the people who respond, but with those who, being in a position which expects of them a certain degree of diligence and modest amount of care, misuse the Reply to: (not sure that's definitely the name) field in email, because, whatever, this is a made-up domain which does not exist.

By: StickyCarpet

StickyCarpet — Wed, 19 Mar 2008 14:42:51 -0800

There was a guy in NY who wrote "none" as his second choice for vanity plates, got it, kept it, then received hundreds of violations in the mail every week.

By: adamrice

adamrice — Wed, 19 Mar 2008 14:49:46 -0800

Unlawfully? There's no law against other people being idiots.

By: delmoi

delmoi — Wed, 19 Mar 2008 14:50:25 -0800

The owners of the domain donotreply.com get a lot of mail Maybe someday someone will email them a sense of humor.

By: maxwelton

maxwelton — Wed, 19 Mar 2008 14:55:25 -0800

Seems to me I've seen something similar with another domain, perhaps something like "nowhere.com" where the site owners simply let anyone paw through the emails that arrived there. Hm. Anyway, it boggles my mind that any dev wouldn't use something like "donotreply@" the domain they actually own, and just bit bucket them when they come back, with a bounce giving customer contact info.

By: pombe

pombe — Wed, 19 Mar 2008 15:04:13 -0800

Apparently StickyCarpet's "NONE" story is more common that I would have thought. Snopes has an interesting write up of people getting parking tickets for various other vanity plate names.

By: mediareport

mediareport — Wed, 19 Mar 2008 15:06:04 -0800

Brilliant. They're really doing the right thing with this - shaming the companies without compromising the ordinary shmoes. Check the about page: So enjoy the stupidity of others. I used to call, email, blah blah blah to try and contact the company to get it to stop. It never did. The only thing that ever works (and sometimes that doesn't even do it - yeah I am looking at you Intel), is posting bits and pieces here... On average, because of this site and others I run, I am served with a legal threat at the rate of one a month, often running to one weekly. I have never been actually sued, just threatened plenty. So before you send me a legal threat about your company being mentioned here, first try an email, be nice, be reasonable and leave me a phone number and I will call you back. Normal payment to be removed from the site is a donation to your local pound/animal protective league. So far this site has raised around $5,000 for local pounds. I can't imagine anyone doing this better. Maybe the Homeland Security angle (!) will get it some mainstream press. Maybe someday someone will email them a sense of humor. I'm sure they'll find their sense of humor once they get over their shock at human stupidity. But really, the range of stupidity they see is truly awesome, so I'm not holding my breath.

By: sfenders

sfenders — Wed, 19 Mar 2008 15:11:30 -0800

Yeah, this is a bit sad. Any competent network admin knows that the IETF standard address to send all your top-secret local network security reports to when you don't want to read them yourself is user@example.com.

By: Dave Faris

Dave Faris — Wed, 19 Mar 2008 15:15:53 -0800

He should also see if he can score the phone number 555-1212.

By: baphomet

baphomet — Wed, 19 Mar 2008 15:24:49 -0800

Epic lulz, I thought I recognized the sarcastic tone of the posts...the Chet that owns this site is none other than Chet from Portal of Evil and Portal of Evil News.

By: The Castle

The Castle — Wed, 19 Mar 2008 15:37:48 -0800

Baphomet, he also used to run Old Man Murray, which is the best damn gaming site that ever existed.

By: shmegegge

shmegegge — Wed, 19 Mar 2008 15:38:59 -0800

this guy has been making the internet scary for a very long time.

By: eclectist

eclectist — Wed, 19 Mar 2008 15:49:07 -0800

$$$ spent on IT != good interwebs In this same vein, though, the guy who codes/maintains thttpd has, quite possibly, the funniest such story, and you think he'd know, as his site is www.acme.com

By: Sys Rq

Sys Rq — Wed, 19 Mar 2008 15:57:30 -0800

Holy fucking fuck this is hilarious.

By: interrobang

interrobang — Wed, 19 Mar 2008 16:10:47 -0800

Well, I've learned something: from now on, I'll always be responding to donotreply.com e-mail addresses.

By: grouse

grouse — Wed, 19 Mar 2008 16:24:59 -0800

That is insane, eclectist.

By: Samizdata

Samizdata — Wed, 19 Mar 2008 16:27:45 -0800

I've had many the same interchanges with people that don't know how to read mail headers. I do my own mail hosting and my domain has been forged more than once. I have also received a good few mails, threatening and otherwise, claiming I am a spammer. Eventually I manage to get through to them that their mailhost apparently takes everything on blind faith (which is bad) and also how to actually look at headers to find where mail REALLY comes from.

By: camcgee

camcgee — Wed, 19 Mar 2008 16:38:13 -0800

Epic lulz, I thought I recognized the sarcastic tone of the posts...the Chet that owns this site is none other than Chet from Portal of Evil and Portal of Evil News. posted by baphomet at 3:24 PM on March 19 [+] [!] Baphomet, he also used to run Old Man Murray, which is the best damn gaming site that ever existed. posted by The Castle at 3:37 PM on March 19 [+] [!] He now works for Valve, writing for games.

By: davemee

davemee — Wed, 19 Mar 2008 16:38:54 -0800

Another guy who was just begging for it had registered localhost.com¹. Now, back in the day, when all you credibly had was your flaky Netscape browser (cum mail client/newsreader/page composer/calendar/etc), they added a helpful feature for that increasing body of users who would fail to add .com to their domain entry - it would do it for you, if you forgot! When you were running a test server on your own machine, and Apache would silently fail to restart (mod_perl being a temperamental beast back then), it would lead to some head scratching. I spent some time backtracking and trying to figure out where the henk those pages were on my machine, and who had put them there. ahh, heady days. ¹ thank you, archive.org

By: nzero

nzero — Wed, 19 Mar 2008 16:45:47 -0800

Normal payment to be removed from the site is a donation to your local pound/animal protective league. So far this site has raised around $5,000 for local pounds. Anybody know how this is not extortion, exactly?

By: Fiasco da Gama

Fiasco da Gama — Wed, 19 Mar 2008 16:51:26 -0800

hide their shame ≠ extortion

By: vsync

vsync — Wed, 19 Mar 2008 16:56:11 -0800

Anyway, it boggles my mind that any dev wouldn't use something like "donotreply@" the domain they actually own, and just bit bucket them when they come back, with a bounce giving customer contact info.

maxwelton, don't legitimize such rude and improper behavior by describing a "right" way to do it.

By: Creosote

Creosote — Wed, 19 Mar 2008 16:58:02 -0800

There is actually a more or less canonical top-level domain to use for cases where you want an obviously invalid Internet address: not surprisingly, it is .invalid. See RFC2606. (It's not really intended for this use case, namely a bogus Reply-To address, but it's obviously a much safer thing to use than anything.com.

By: drjimmy11

drjimmy11 — Wed, 19 Mar 2008 17:01:27 -0800

the CTO of my company yelled at all of us for using "test.com" emails, b/c test.com is a real company and emailing them could potentially get us put on a spammer list.

By: Creosote

Creosote — Wed, 19 Mar 2008 17:08:33 -0800

and I hope, drjimmy, that the CTO pointed you to RFC2606, where you'll also find that .test is the IANA-reserved top-level domain name for testing. Those RFC guys think of everything!

By: soundofsuburbia

soundofsuburbia — Wed, 19 Mar 2008 17:17:50 -0800

I can understand mistakes, I cannot understand this continuation of stupidity. A shield, some banners, a couple of swords, a dragon and that sentence in latin. Yes.

By: hattifattener

hattifattener — Wed, 19 Mar 2008 17:31:56 -0800

And as sfenders pointed out upthread, RFC 2606 also reserves example.{com,net,org}.

By: rokusan

rokusan — Wed, 19 Mar 2008 17:33:16 -0800

example.com used to be like that, but now it's ICANN reserved for almost the same reason, the same way the entire .test TLD is. I believe sample.com still has a real owner, though, and website.com certainly does.

By: puke & cry

puke & cry — Wed, 19 Mar 2008 17:38:51 -0800

I remember Donotreply.com used to be on the list for evilemail domain names although it doesn't look like it is anymore.

By: mrgrimm

mrgrimm — Wed, 19 Mar 2008 18:00:12 -0800

agreed. hilarious.

By: dhartung

dhartung — Wed, 19 Mar 2008 18:03:12 -0800

I'm not sure I agree with you a hundred percent on your police work, there, Lou.

By: SteelyDuran

SteelyDuran — Wed, 19 Mar 2008 19:06:52 -0800

They never taught us any of this stuff back at loopback.edu.

By: aeschenkarnos

aeschenkarnos — Wed, 19 Mar 2008 20:09:54 -0800

nzero Anybody know how this is not extortion, exactly? Primarily, the lack of personal benefit.

By: cillit bang

cillit bang — Wed, 19 Mar 2008 20:53:42 -0800

hide their shame ≠ extortion But it is blackmail.

By: Fiasco da Gama

Fiasco da Gama — Wed, 19 Mar 2008 21:24:16 -0800

Very funny blackmail, for a good cause. Won't somebody think of the kittens?

By: maxwelton

maxwelton — Wed, 19 Mar 2008 22:29:17 -0800

vsync, take the example of an automated email generated by a server on user registration. I guess I'm a scumbag for including This email is automated. Please do not reply to it. And then using donotreply@ the domain it is being sent from? If someone does reply despite the warnings, they get a bounce that says Hi, this mailbox is not monitored--it's where our server sends registration emails from. To get in touch, please visit www.example.tld/contact/ or call 8xx-555-1212 from 9-6 Pacific time. You may wish to look through our FAQ at www.example.tld/faq/ to see if your question has already been answered. Thanks! I'm anxious to hear what the better way of doing this is.

By: pompomtom

pompomtom — Thu, 20 Mar 2008 02:32:45 -0800

Maybe someday someone will email them a sense of humor. from the site: Dear Kellogg Brown & Root ... M____ C____ ordered almost $5,000 worth of portable toilets. Better watch out for this guy, sounds like he is planning a rave.

By: Spatch

Spatch — Thu, 20 Mar 2008 06:06:16 -0800

I knew of the folks who, in the heady dotcom days, owned nowhere.com (they may still have it for all I know.) They received a hell of a lot of reply mail, and put up a bunch of SMTP (arf! arf!) filters to try and combat it. They succeeded mostly. My housemate, who owned somewhere.com at the time, also got quite a bit of spam but not on the scale that nowhere.com got.

By: TheSpot

TheSpot — Thu, 20 Mar 2008 08:22:30 -0800

I really don't know what to say about this site.

By: nzero

nzero — Thu, 20 Mar 2008 09:34:06 -0800

aeschenkarnos wrote: Primarily, the lack of personal benefit On the contrary, extortion does not legally require personal benefit as I understand it, but rather forcing another person to part with property. In other words, it doesn't matter what you force the other person to do with the money, it only matters that you are forcing him to part with it. Also, I disagree with cillit bang that this is blackmail, in the sense that I don't think it's legal to post private emails to a public forum. Isn't that why they put those little disclaimers at the bottom of corporate emails that say "if you're not the intended recipient of this email you must delete it immediately?" Are there any actual lawyers here who can comment on any of this?

By: Sys Rq

Sys Rq — Thu, 20 Mar 2008 09:49:59 -0800

Isn't that why they put those little disclaimers at the bottom of corporate emails that say "if you're not the intended recipient of this email you must delete it immediately?" If they're so incompetent that they don't know where their emails are going, they should probably put those disclaimers at the top where they might do some good.

By: grouse

grouse — Thu, 20 Mar 2008 10:00:56 -0800

Here's an analysis of some of those useless disclaimer terms. Don't believe them. I don't think it's legal to post private emails to a public forum On what basis? Particularly, which of the donotreply.com e-mail postings do you think is illegal, and why?

By: Spatch

Spatch — Thu, 20 Mar 2008 10:15:28 -0800

Isn't that why they put those little disclaimers at the bottom of corporate emails that say "if you're not the intended recipient of this email you must delete it immediately?" IANAL, but I believe those disclaimers carry about as much legal weight as "These files are for educational purposes only" or "You must delete this file within 24 hours of receiving it".

By: Big_B

Big_B — Thu, 20 Mar 2008 13:06:11 -0800

Huh. Maybe I should stop using bob@bob.com as my throwaway email address. Sorry Bob!

By: nzero

nzero — Thu, 20 Mar 2008 13:06:47 -0800

Here's an analysis of some of those useless disclaimer terms. Don't believe them. Ok, so cillit bang was right, it seems like blackmail not extortion. Still waiting for a lawyer to chime in on why it isn't illegal. On what basis? Particularly, which of the donotreply.com e-mail postings do you think is illegal, and why? All of them, in that he is offering to take down the messages in return for a donation to a charity from the message sender or recipient (i.e. he is blackmailing charitable donations using these messages).

By: hades

hades — Thu, 20 Mar 2008 14:17:25 -0800

Huh! Your housemate owned somewhere.com, Spatch? I own elsewhere.org, and I used to get a bunch of email that had someone@somewhere.com in the cc list. I think there was a HOWTO out there that used someone@somewhere.com and someoneelse@elsewhere.org as their example addresses. Doesn't happen so much any more, though. (The huge volume of spam I get now is my own fault, I guess, for using the same address for the last 12 years.)

By: grouse

grouse — Thu, 20 Mar 2008 18:11:27 -0800

On what basis? Particularly, which of the donotreply.com e-mail postings do you think is illegal, and why?
All of them, in that he is offering to take down the messages in return for a donation to a charity from the message sender or recipient (i.e. he is blackmailing charitable donations using these messages). Well, it certainly appeals to fulfill the elements of blackmail. But absent those elements, you have not identified any reasons why it is generally illegal "to post private emails to a public forum" as you said before.

By: mediareport

mediareport — Thu, 20 Mar 2008 18:11:52 -0800

All of them, in that he is offering to take down the messages in return for a donation to a charity from the message sender or recipient But leaving them up isn't illegal; they sent the private emails to him directly. He's not blackmailing; he's simply saying I'll help you erase some of the traces of your stupid mistake if you do something nice for a charity I like. If they don't do something nice, he doesn't help them erase their mistake, but (and this is important) he also doesn't take advantage of the information he receives and doesn't publicize anything that can damage any of the individuals involved. It's snarky, yes, but kinda noble too. There's a reason he only gets *threats* of lawsuits, nzero.

By: vsync

vsync — Thu, 20 Mar 2008 22:03:18 -0800

vsync, take the example of an automated email generated by a server on user registration. I guess I'm a scumbag for including This email is automated. Please do not reply to it.

Yes.

And then using donotreply@ the domain it is being sent from? If someone does reply despite the warnings, they get a bounce that says Hi, this mailbox is not monitored--it's where our server sends registration emails from. To get in touch, please visit www.example.tld/contact/ or call 8xx-555-1212 from 9-6 Pacific time. You may wish to look through our FAQ at www.example.tld/faq/ to see if your question has already been answered. Thanks! I'm anxious to hear what the better way of doing this is.

You know, you can set the Reply-To header to go to that very same customer service department.

By: nzero

nzero — Fri, 21 Mar 2008 10:30:55 -0800

Well, it certainly appeals to fulfill the elements of blackmail. But absent those elements, you have not identified any reasons why it is generally illegal "to post private emails to a public forum" as you said before. Right, I definitely concede that point. My original argument was that this was extortion because posting of the emails themselves were illegal, but after I read the link you posted (thanks, it was very informative) I decided you were right that it wasn't illegal to post them, thus this is blackmail not extortion. But leaving them up isn't illegal; they sent the private emails to him directly. He's not blackmailing; he's simply saying I'll help you erase some of the traces of your stupid mistake if you do something nice for a charity I like. If they don't do something nice, he doesn't help them erase their mistake, but (and this is important) he also doesn't take advantage of the information he receives and doesn't publicize anything that can damage any of the individuals involved. It's snarky, yes, but kinda noble too. Er, that's the very definition of blackmail. I do something you don't like, and then offer to stop doing it in exchange for you making a payout. Plain and simple, still waiting on a lawyer to say otherwise. There's a reason he only gets *threats* of lawsuits, nzero. Yeah, because the threats of lawsuits aren't in regard to his blackmailing, they're in regard to his having the posts up in the first place which grouse already established for us is legal in itself. I feel fairly confident that as soon as a savvy lawyer notices the blackmail angle, this site will go away very quickly. (Any lawyers care to respond? Please?)

By: mediareport

mediareport — Fri, 21 Mar 2008 18:46:34 -0800

I feel fairly confident that as soon as a savvy lawyer notices the blackmail angle, this site will go away very quickly. I'll take that bet. You're just plain wrong. There's no actionable cause here.

By: nzero

nzero — Sat, 22 Mar 2008 05:51:35 -0800

I'll take that bet. You're just plain wrong. There's no actionable cause here. I wouldn't bet on it because I have no idea what I'm talking about. Thought that was clear from the phrasing of my original question, which has transmuted into- why is this not blackmail?

By: Asymptote

Asymptote — Sun, 23 Mar 2008 11:00:43 -0800

IANAL, but isn't it only blackmail if you don't release the information, but threaten to unless paid? This site is releasing the information and then offering to take it down for money.

By: Asymptote

Asymptote — Sun, 23 Mar 2008 11:01:52 -0800

He now has a post addressing the extortion/blackmail issue.

By: nzero

nzero — Sun, 23 Mar 2008 20:29:46 -0800

Wow, thanks for that link Asymptote. So it turns out not to be blackmail because he doesn't actually require the donation to take down the posts. Just a polite request. Nice guy.