Do Not Reply

Plenty of traffic and questions recently, so I figure I will answer them here.

Why did I buy the domain donotreply.com?
No malicious intent at all. Back in 2000, I was buying “wacky” domains for a new mail service -evilemail.com. Those were wacky, crazy bubble days. When you are buying domains like BettyWhiteIsHot.com, Chlamydia-is-not-a-flower.com, and DaddySaysIFrenchKissTheBest.com, DoNotReply.com seems reasonable in comparison. It was meant as a joke, nothing more.

Why did you turn on the catch-all and post the messages?
Our original mail server died under the weight of the messages. Even bouncing emails gets expensive. I was trying to figure out what was going on.

Why don’t you bounce them back?
One reason, because the domain is also used by spammers. So I would just be compounding the problem of spam by bouncing the mail back. We did this back in the day and got blacklisted as a spammer/bad mail server.

Why not contact the people?
I tried that. I spent plenty of time and money only to be accused of this or that, mainly that and that being hacking their mail server.

Is this extortion?
While discussing the issue of a blog post with a lawyer from a fortune 500 company, he asked to compensate me for my time. I was uncomfortable with that so we agreed on a mutual charity, the local pound. The tradition was born.

You actually don’t have to do anything but contact me and I will take it down. The donation is more of a suggestion. Anyone who has contacted me can tell you this is true, I am changing the wording to reflect that.

They are allowed to be removed because I believe people can change, correct their mistakes and learn from these lessons.

Hey you make money off of this!
The adsense on these pages was a habit, not a thought out one . In the life of this site it has made about $500. I have contacted this charity (Cap)about donating that money to them. If all is well, I will donate the money. If there is an issue with that organization, I am open to suggestions (removed adsense to avoid people clicking to help a charity).

Why post them?
Because companies pay lip-service to security and privacy. Most of the companies listed here are giant corporations who should know better, who should have better policies in place. Some even offer services to you for if your credit cards or identity is stolen, yet they aren’t proactive about stopping that from happening.
The problem is, companies don’t always hire the right person for system administration jobs. Look at the horror stories over at thedailywtf. The position of system administrator is often left to hiring someone’s family member who is “good with computers”. It is a job that demands technical excellence, a system admin is not the janitor of the future, stop treating the position like it is. It is a hard job that needs smart people.

And remember, if they are willing to be this careless with your information, where else are they careless? This is a minor, almost silly thing, what happens when it comes to things that are hard? That are expensive? I don’t trust them, do you?

Why don’t you just list all the emails like other sites do?
That was my original thought. But then I read some. Too many contain people’s private information. Innocent people would be hurt by the posting of all the emails.

Don’t you have better things to do with your time?
Like what? Email some guy who posts emails and complain to him he should find something better to do with his life?

The good news. When they send bounced email, they strip out any attached email or original message.

The bad news. They send email from - ###REMOVEDFORNATIONALFREAKINGSECURITY###@… donotreply.com

More bad news. They include email addresses and names that are no longer valid.

The worst news. They also send email to TSA - which does not strip out the internal message.

Since homeland security and the TSA actually deal with national freaking security, I am not going to post the information in the emails past to say they include a mix of user information, software information, software usage information, hardware identification and expiration of software.

Could the “terrorists” use it? Like any data you expose to the public which is better kept private, it could be used for social engineering. Just think if you could call a department and tell them how many users they have running on a certain piece of software running certain hardware? Fishing for more information is just a jump from there.

So why post this? Why post any of this? Because this is just another example of corporations and government agencies paying lip service to security and privacy. Look at the companies listed this week. These are just examples of security or privacy issues, just examples, I have hundreds of examples, hundreds of thousands of pieces of mail.

And I am at the bottom end of stupidity. I am just one small instance demonstrating this lack of attention to detail.

When you give any private information to anyone, remember, they are idiots. They are not going to protect your information. So before you click submit, ask yourself, do you want chet reading your personal information?

Yardville National Bank was a small bank. Surely the big financial companies behave better right?

Not really.

Merril Lynch decided this was a good address to send mail from - Registration_and_Licensing_Services@… yeah you guessed it, not ml.com but donotreply.com.

So what fun do we find in the ML mail?

Roger D______

SUN LIFE / MFS Termination of Appointment in __________ has been terminated effective immediately due to one of the following reasons:

-Lack of business with this carrier
-State Insurance license has been terminated
-Per your request

You will not be able to conduct any insurance business in NORTH DAKOTA for SUN LIFE / MFS until your appointment is reinstated.

Christopher ____ is pissed. He replied to the donotreply address with this angry little note from his blackberry.

Do not understand why terminated just got appointed. Please respond, I was told I needed to be appointed with them to hold Annuities that are in transfer. Please explain!

I was tempted to explain we found him incompetent and worse than our own security personnel, but then I remembered I don’t actually work at Merrill Lynch, I just read their emails.

When Dick _____ was told he needed to renew his insurance license, he let them have it in all caps!

I AM UDER THE ASSUMPTION THAT I HAVE A PERMANENT LICENSE (OVER 65) AND
NOT REQUIRED TO TAKE FURTHER CONTINUING EDUCATION HOURS. PLEASE CONFIRM.
THANK YOU.

I guess being over 65 he can’t read emails that are in the proper case.

Charles ______ got his notice for Missouri and his reply is going to leave Missourians questioning - but why us chuck?

I AM NOT RENEWING THIS STATE.

Since Merrill Lynch doesn’t even bother to tell people not to reply to the emails, and the emails are either telling people they have lost the right to sell insurance, or they are about to… I have plenty of private replies. None of which will ever get to anyone at Merrill Lynch to help them with their problem.

Your Neighborhood Bank.

What would you do if you wanted to hack a bank? Maybe install some keyloggers on some bank employees machine and capture data? But how could you ever find a list of computer’s that aren’t running the latest service patches or still have vulnerabilities?

For me, ynb.com’s computers would be easy… because they mail me colorful pdfs detailing the ip addresses of each machine that is not currently patched, and what vulnerabilities it is currently open for exploiting.

Now these aren’t public ips, but internal (from the ones I have read at least). But with over 200 reports detailing computers, full branch reports, graphs showing top 10 most vulnerable machines, etc… they had done plenty of legwork for me.

So why would a bank ever reveal all of its security dirty laundry?

Because someone didn’t want to get the reports from their security software bounces filling up their inbox, so instead… ynb.com sends their internal security reports FROM the very public donotreply.com domain… and then all it took was one bad address and I started receiving their very private reports.

I have refrained from posting any info from the reports because of the severity of this security leak.

This is one of the scarier ones. This is an identity theft nightmare. Seems when you make a certain kind of payment to your capital one account, the payment is sent from Capital One Payment . Can you see the problem here?

They don’t even bother to tell people not to respond to these emails, so I have customers sending complete emails like this one.

I have been waiting some time by now,
Can you e mail me the whole statement, the payments I did and closing the account because I think I lost
more money than interest, so I need to know where did I lost, you or Dr. ______.
Thanks

S____ F______

—–Original Message—–
From: Capital One Payment [mailto:donotreply@donotreply.com]
Sent: Friday, September 14, 2007 8:32 PM
To: F_____, S______
Subject: Payment Confirmation

9/14/2007
Dear S_____ F_____,

Thank you for your recent payment to Capital One. This email is to confirm your authorization on 9/14/2007 12:01:39 PM for an electronic debit of your checking account in the amount of ____.___.

This payment will be effective on 9/14/2007 or shortly thereafter. If your financial institution is unable to process the electronic debit, Capital One is authorized to submit a paper draft for this transaction amount. In the event the debit to your account is returned unpaid, an additional return item will be debited from your bank account.

If you have any questions, or if this confirmation does not accurately reflect your payment, please contact us immediately at 800-926-1000.

You know that problem with L____ P______? His Kevlar/Ballistic Helmet is Unit # L0893__ and his Ballistic Vest is Unit # L198__ Both are in the transit warehouse (at least as of 09/29/2007)

Paying $2.93 per unit for Sauce, Soy, Fermented, 12/20 BT seems a little expensive.

B____ K_____ has been using the Ford F-250 Pick Up lately.

Mohammed took a very dignified picture for his Sri Lanka Driver’s License

If you are looking for the Magnum 5kw lightset at Camp Taji… it is no longer in the tool room area, instead it has been moved to the front gate entrance.

J___ J___ I____’s pay seems decent, but $3,000 R&R pay? Come on, the airline ticket recovery for him is $3,218.86! Give the guy a break, cover his air fare at least.

M____ C____ ordered almost $5,000 worth of portable toilets. Better watch out for this guy, sounds like he is planning a rave.

Get it? I don’t think I need to go on. I have plenty more, and most of it more revealing. Accident reports, job requests, transfers, etc - almost all dealing with people currently stationed in Iraq. I hate Halliburton, I hate them… but the people working in these jobs still deserve our respect and privacy, so I won’t post anymore and have hopefully made these vague enough to not endanger anyone.

But this is ridiculous that a major defense contractor actually sends some of their bounced faxes (all of this info was inside of complete faxes) to a domain they do not own. That puts every single one of these people at risk.

Halliburton is not alone. Plenty of people have started slugging in donotreply.com to their fax systems to avoid dealing with bounces. Come on!

And sending me alert emails. Some 4000 emails…

This message has been automatically generated in response to the
creation of a trouble ticket regarding: “Alert: BORDER0.THG.am6.net-T1 0/3/1 · WAN1-NHWD0.THG 13HCGS630633PT status has changed to ‘Down’”, a summary of which appears below.

There is no need to reply to this message right now. Your ticket has been
assigned an ID of [bandcon #8222].

Please include the string:

[bandcon #8222]

in the subject line of all future correspondence about this issue. To do so,
you may reply to this message.

FOR URGENT SERVICE AFFECTING ISSUES, PLEASE CALL BANDCON CUSTOMER SUPPORT IMMEDIATELY AT 1-888-852-2880

Thank you,
support@bandcon.com

Thanks guys! And BORDER0.THG.am6.net-T1 has really been going down a whole bunch lately. Trust me, I know.

Put simply, MessageLabs will protect your organization from Internet threats such as viruses, spam, spyware and other inappropriate content, more effectively than any other vendor in the world. MessageLabs can support this claim with a consistent track record of stopping threats long before the competition and through the industry’s strongest Service Level Agreements (SLA’s) that include an unrivaled 100% guarantee against known and unknown email viruses.

Or put less simply, when your clients use message labs and also use donotreply.com as an internal sending domain, I get the emails.

So companies like Pershing, which provides services for financial institutions, send their internal emails to me.

Subject: BREAK RESPONSE FOR CMI CUMMINS ENGINE INC TRD DATE 08/08/2007 MKT-BLT 8-1 TRD TYPE SOLD SHR BRK -300

CORR/NUM: 46E

SETTLE DATE: 08/13/2007
REPORT DATE: 08/10/2007
USER ID: REMOVED
USER PHONE: 212-REMOVED
PLEASE GO OUT ON ACT WITH ECEE

And a company that provides services for the travel industry, sends back their cancelled trips.

Reservation cancelled for : ELDAR REMOVED

Trip Purpose : Business
Estimated trip price : 1053.03 U.S. Dollar
Reservation number : 4AE8AC
Dates : Monday, July 23, 2007 to Thursday, July 26, 2007
City destination : Raleigh Durham
Ticketing/delivery information : As per agreement (Flight)

Vendor : US Airways Reservation number: REMOVED
Vendor : United Airlines Reservation number: REMOVED

Total fare for flight reservations : 519.70 U.S. Dollar (including tax)

[…]

CAR RESERVATION

Estimated price for car rental : 176.33 U.S. Dollar (additional taxes and charges may apply)
Pick-up : Monday, July 23, 2007 1:00 PM, Raleigh Durham, USA
Drop-off : Thursday, July 26, 2007 3:00 PM, Raleigh Durham, USA
Company : Budget
Vehicle type : Intermediate, 2-4 Door, AC, Automatic
Free kilometres : Unlimited
Booked for: : REMOVED
Status : Cancelled
Confirmation code : REMOVED

Lowest rate offered : 176.33 U.S. Dollar

I am sure hiring messagelabs to manage their emails made the executives feel safe. They were leaving it to the pros. Only one problem, even if you use an outside service to manage your emails, your own internal stupidity can still bite you in the ass.

TSYS combines superior data-processing technology with unsurpassed service and experience in electronic payments to provide exceptional value to business portfolios worldwide.

Good thing they only deal with electronic payments, nothing important. The cool thing with TSYS, they just don’t use tsys@ my domain, they also use tsyseurope! Way to spread the stupidity across the Atlantic.

Breaking the law, breaking the law!

—————————————–
The information contained in this communication (including any
attachments hereto) is confidential and is intended solely for the
personal and confidential use of the individual or entity to whom
it is addressed. The information may also constitute a legally
privileged confidential communication. If the reader of this
message is not the intended recipient or an agent responsible for
delivering it to the intended recipient, you are hereby notified
that you have received this communication in error and that any
review, dissemination, copying, or unauthorized use of this
information, or the taking of any action in reliance on the
contents of this information is strictly prohibited. If you have
received this communication in error, please notify us immediately
by e-mail, and delete the original message. Thank you

Subject:
Invoice Approval Email Gen Status Report
From:
MPNET13 at donotreply.com
Date:
10 Aug 2007 06:30:22 -0400
To:
ssundararajan@tsys.com, chaycock@tsys.com

Harvesting emails for org 09
Connection established sucessfully to the mainframe
Row count for First Page for org 09 is 6
Added Approver HARDAR1 from 09 to bucket
Added Approver SMIWAY1 from 09 to bucket
Added Approver BARBLA1 from 09 to bucket
Added Approver DIEMEL1 from 09 to bucket
Added Approver HANDEB1 from 09 to bucket
Added Approver BACBRU1 from 09 to bucket
Executing Fwd Command
Added Approver BRICHI1 from 09 to bucket
Page No. 2 The last Seq no. is : 12
Executing Fwd Command
Page No. 3 The last Seq no. is : 18
Executing Fwd Command
Page No. 4 The last Seq no. is : 24
Executing Fwd Command
Page No. 5 The last Seq no. is : 30
Executing Fwd Command
Page No. 6 The last Seq no. is : 36
Executing Fwd Command
Page No. 7 The last Seq no. is : 42
Executing Fwd Command
Page No. 8 The last Seq no. is : 48
Executing Fwd Command
Page No. 9 The last Seq no. is : 54
Executing Fwd Command
Added Approver ELLPAT1 from 09 to bucket
Page No. 10 The last Seq no. is : 60
Executing Fwd Command
Added Approver STAPET1 from 09 to bucket
Page No. 11 The last Seq no. is : 66
Executing Fwd Command
Page No. 12 The last Seq no. is : 72
Executing Fwd Command
Page No. 13 The last Seq no. is : 78
Executing Fwd Command
Added Approver DAVPIN1 from 09 to bucket
Page No. 14 The last Seq no. is : 84
Executing Fwd Command
Added Approver SMIELA1 from 09 to bucket
Page No. 15 The last Seq no. is : 90
Executing Fwd Command
Added Approver WILKAT1 from 09 to bucket
Added Approver LANTRI1 from 09 to bucket
Page No. 16 The last Seq no. is : 96
Executing Fwd Command
Page No. 17 The last Seq no. is : 102
Executing Fwd Command
Page No. 18 The last Seq no. is : 108
Executing Fwd Command
Page No. 19 The last Seq no. is : 114
Executing Fwd Command
Page No. 20 The last Seq no. is : 120
Executing Fwd Command
Page No. 21 The last Seq no. is : 126
Executing Fwd Command
Added Approver LANTOM1 from 09 to bucket
Page No. 22 The last Seq no. is : 132
Executing Fwd Command
Page No. 23 The last Seq no. is : 138
Executing Fwd Command
Page No. 24 The last Seq no. is : 144
Executing Fwd Command
Page No. 25 The last Seq no. is : 150
Executing Fwd Command
Added Approver WEADOR1 from 09 to bucket
Page No. 26 The last Seq no. is : 156
Executing Fwd Command
Added Approver PIEKEI1 from 09 to bucket
Page No. 27 The last Seq no. is : 162
Executing Fwd Command
Added Approver CAIJOE1 from 09 to bucket
Added Approver HOLVIR1 from 09 to bucket
Page No. 28 The last Seq no. is : 168
Executing Fwd Command
Page No. 29 The last Seq no. is : 174
Executing Fwd Command
Added Approver COCALA1 from 09 to bucket
Added Approver SMIDAV1 from 09 to bucket
Page No. 30 The last Seq no. is : 180
Executing Fwd Command
Page No. 31 The last Seq no. is : 186
Executing Fwd Command
Page No. 32 The last Seq no. is : 192
Executing Fwd Command
Page No. 33 The last Seq no. is : 198
Executing Fwd Command
Page No. 34 The last Seq no. is : 0
Executing Fwd Command
Page No. 35 The last Seq no. is : 0
The User Id’s for org 09
COCALA1
LANTOM1
BRICHI1
WILKAT1
HOLVIR1
STAPET1
PIEKEI1
ELLPAT1
SMIELA1
LANTRI1
HANDEB1
SMIWAY1
BARBLA1
DAVPIN1
DIEMEL1
WEADOR1
HARDAR1
SMIDAV1
BACBRU1
CAIJOE1
Getting email addresses for ApproverIDs for org 09
Connection established sucessfully to the mainframe
Sending email to ALANCOCHRAN@TSYS.COM at ORG 09
Sending email to TLANGLEY@TSYS.COM at ORG 09
Sending email to CBRIGHT@TSYS.COM at ORG 09
Sending email to KWILLS@TSYS.COM at ORG 09
Sending email to VHOLMAN@TSYS.COM at ORG 09
Sending email to PSTARLING@TSYS.COM at ORG 09
Sending email to KPIERCE@TSYS.COM at ORG 09
Sending email to PELLIOTT@TSYSTSOL.COM at ORG 09
Sending email to ELSMITH@TSYS.COM at ORG 09
Sending email to PLAND@TSYS.COM at ORG 09
Sending email to DHANKS@TSYS.COM at ORG 09
Sending email to WSMITH@TSYS.COM at ORG 09
Sending email to BBARKER@TSYS.COM at ORG 09
Sending email to PDAVIS@TSYS.COM at ORG 09
Sending email to MDIETRICH@TSYS.COM at ORG 09
Sending email to DWEAVER@TSYS.COM at ORG 09
Sending email to DAHARRIS@TSYS.COM at ORG 09
Sending email to DWSMITH@TSYS.COM at ORG 09
Sending email to BBACON@TSYS.COM at ORG 09
Sending email to JCAIL@TSYS.COM at ORG 09
Exiting application…

Other fun emails include:
Retail Limit Batch Report for Bank 129901
CreditLimit Batch Report for Bank 129901

And guys remember, Jamey Pate will not be returning to the office until 08/13/2007! If you need immediate assistance contact Tanya Deen. And if tsys’s lawyers want to threaten me, please contact me at chet at poe-news.com or just reply to one of your reports…

Since autonation.com is up to sending me an email every 12 seconds and their IT department doesn’t believe me it seems (I have talked with them on the phone). Here is a complete autonation.com email.

--9B095B5ADSN=_01C7D98D0142E1C800002FEAUS1EXBH02.US1.au
Content-Type: message/rfc822

Received: from us1web71.US1.autonation.com ([10.4.10.113]) by US1EXBH02.US1.autonation.com with Microsoft SMTPSVC(6.0.3790.1830);
Sun, 12 Aug 2007 12:12:08 -0400
Received: from US1ADMIN03 ([10.10.253.14]) by us1web71.US1.autonation.com with Microsoft SMTPSVC(6.0.3790.1830);
Sun, 12 Aug 2007 12:12:07 -0400
Message-ID: <28910606.1186935127783.JavaMail.SYSTEM@US1ADMIN03>
Date: Sun, 12 Aug 2007 12:12:07 -0400 (EDT)
From: <ITAssistant@donotreply.com>
To: ortegav@autonation.com
Subject: us1tcs229.us1.autonation.com - Critical System is down: us1tcs229.us1.autonation.com
Mime-Version: 1.0
Content-Type: multipart/mixed;
boundary="----=_Part_0_17900022.1186935127565"
Return-Path: ITAssistant@donotreply.com
X-OriginalArrivalTime: 12 Aug 2007 16:12:07.0931 (UTC) FILETIME=[87F634B0:01C7DCFB]

------=_Part_0_17900022.1186935127565
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit

us1tcs229.us1.autonation.com (IP: 10.169.1.109 and Service Tag: JGXWY01 ) has experienced a Critical System is down: us1tcs229.us1.autonation.com on 08/12/07 at 12:12:04:000
------=_Part_0_17900022.1186935127565--

--9B095B5ADSN=_01C7D98D0142E1C800002FEAUS1EXBH02.US1.au--

See the from field AutoNation? Notice something funny about the domain name? Do you own that domain? Do you think I care that you can’t keep your servers functioning?

I can understand not wanting to get all these emails, god knows I don’t want them either. But your brilliant fix to the problem of sending the bounces to me? Not so brilliant. Being so thick in the head that you cannot understand the issue? Really, really not so brilliant.

So what about it autonation? Do you believe me now? Can you figure this out on your own? Can you stop the system from sending me the emails?

I can understand mistakes, I cannot understand this continuation of stupidity.