opinion Curse of owning email (dot) ba domain

[Amar D]

I want to share the curse of owning domain name email -dot- ba

So, I've enabled catch-all option for this domain name. And I'm getting tons of mispelled email messages that were direct to .bz .bs .br .bb and similiar domains.

Also I'm getting tons of copies of passports/personal ID cards and other sensitive things from British Airways customers as they use domain name @ba.com and people are forgetting to add .com at the end of email address.

Also there is tons of instagram/facebook and other accounts created or used with this @email.ba address.

• tons of bank statements... lol

What is the right thing to do with this content.

 

[mdrn]

I want to share the curse of owning domain name email -dot- ba

So, I've enabled catch-all option for this domain name. And I'm getting tons of mispelled email messages that were direct to .bz .bs .br .bb and similiar domains.

Also I'm getting tons of copies of passports/personal ID cards and other sensitive things from British Airways customers as they use domain name @ba.com and people are forgetting to add .com at the end of email address.

Also there is tons of instagram/facebook and other accounts created or used with this @email.ba address.

• tons of bank statements... lol

What is the right thing to do with this content.

Maybe have an auto-reply set up if it's happening so much?

Obviously, you don't want to do anything with that sensitive content. You should probably delete and keep a record that you deleted it.

By the way, this is not legal advice. Consult a lawyer if you are worried. Cheers

 

[MadAboutDomains]

I'd suggest turning off the catch all and just use one.

 

[Jasper schilperoord]

I have had the same issue with Workplace.nl

Lots of emails with personal details, bank statements and other sensitive privacy related information from Workplacenl.com and even account activation details from Facebook's Workplace.com

I'd also suggest turning off catchall feature.

 

[Kostas]

Disable catch-all so that senders get notified when they email the wrong address.

 

[koolishman]

I want to share the curse of owning domain name email -dot- ba

So, I've enabled catch-all option for this domain name. And I'm getting tons of mispelled email messages that were direct to .bz .bs .br .bb and similiar domains.

Also I'm getting tons of copies of passports/personal ID cards and other sensitive things from British Airways customers as they use domain name @ba.com and people are forgetting to add .com at the end of email address.

Also there is tons of instagram/facebook and other accounts created or used with this @email.ba address.

• tons of bank statements... lol

What is the right thing to do with this content.

Sell domain to BA?

 

[MadAboutDomains]

Who is sending bank statements to BA or to workplace.nl and why? Sounds like spam emails...?

 

[m1_abrams]

Disable catch-all. You might be putting yourself at risk by knowingly receiving privileged documents (such as bank statements, payroll processing data, etc)

 

[MadAboutDomains]

Disable catch-all. You might be putting yourself at risk by knowingly receiving privileged documents (such as bank statements, payroll processing data, etc)

What are the risks? Can it be proven that the owner is using a catch all?

 

[m1_abrams]

What are the risks? Can it be proven that the owner is using a catch all?

One might incur legal liability from accessing with intention email communication specifically addressed to other individuals. Not sure how someone would go about proving it, but I should remind that 1) email delivery reports are a thing, that 2) if no email address on a particular domain name bounces that it would likely hint to catch-all being used.

Caution: I am not a lawyer.

Disable catch-all! You can do without it

 

[MadAboutDomains]

You could have it set up to accept but auto delete emails I suppose, also it's not against the law to set up a catch all on a domain that you own if you choose to use it that way for a name that was registered in good faith.

I also suspect that it could not be proven that an email had been opened or that it's content had been accessed in bad faith. Further to this, unless it's an obvious typo of a popular domain, you're unlikely to face any issues because 1) technically it was addressed to the recipient that received the mail otherwise they wouldn't have received it and 2) the email isn't technically similar 3) just accessing the mail isn't the same as using the data for nefarious reasons.

Just some thoughts... imho

 

[Amar D]

Dear British Airways, I'm open for offers.

 

[Bertrell]

When "bank statements" was mentioned, I thought of Bank of America, as I'm fairly certain people might mistakenly send those there instead of to bоfа.соm

 

[MadAboutDomains]

When "bank statements" was mentioned, I thought of Bank of America, as I'm fairly certain people might mistakenly send those there instead of to bоfа.соm

That would make more sense, I don't understand why bank statements would be being sent to an airline.

 

[Amar D]

Their bills for servers and hosting are coming too.

 

[MadAboutDomains]

Their bills for servers and hosting are coming too.

For whom? British airways or Bank of America?

 

[forge]

Not too surprisingly, but there must be people out there severely mis-typing addresses. It's curious that they're typing @email when normally it would be email@ [etc., etc.] and bawhatever.com not whateveremail.ba (right?) Or not "email" at all.

Anyway I'm with the camp that says turn off catch-all. End of.

 

[Amar D]

Not too surprisingly, but there must be people out there severely mis-typing addresses. It's curious that they're typing @email when normally it would be email@ [etc., etc.] and bawhatever.com not whateveremail.ba (right?) Or not "email" at all.

Anyway I'm with the camp that says turn off catch-all. End of.

British Airways owns 2 letter domain "ba.com". Their email server is on this domain @email.ba.com

So guess the rest.

 

[dombastic]

Disable catch-all so that senders get notified when they email the wrong address.

Exactly!

With catch-all you always get more spam. Why would anybody use it?

 

[Hashim]

British Airways owns 2 letter domain "ba.com". Their email server is on this domain @email.ba.com

So guess the rest.

Then I'd say you have a very good case for selling the domain to British Airways, because your domain is far less complicated than their actual email address.

 

[pb]

IANAL but opening these e-mails would already be a violation in some jurisdictions. Keeping or otherwise processing them would be another one.

 

[Amar D]

IANAL but opening these e-mails would already be a violation in some jurisdictions. Keeping or otherwise processing them would be another one.

I'm Bosnian citizen, .ba is under Bosnian rules.
We are not part of European Union, and they have no trademark inside this country. Also the word "email" is generic.

 

[pb]

I'm Bosnian citizen, .ba is under Bosnian rules.
We are not part of European Union, and they have no trademark inside this country. Also the word "email" is generic.

I don't know Bosnian law but the domain has nothing to with that. Reading (opening, storing etc.) private correspondence that you got by accident is the problem. This is a very common law in many countries: https://en.wikipedia.org/wiki/Secrecy_of_correspondence - you might want to check how it's formulated in BiH.

Not a legal advice, but personally if I receive a misaddressed mail, I delete it as soon as I realize it's not meant for me. Sometimes it's after reading some of the contents, sometimes it's already after seeing the sender (there are some "serial offenders" that keep mistyping the domain).

 

[Amar D]

Life is too short to be paranoid which email are you going to open (even if you own the domain and server).

 

[Kuffy]

Reading (opening, storing etc.) private correspondence that you got by accident is the problem. .

How do you know it is private until you have read it?