We have asked the company for comment. ®
Might as well go talk to a wall!
A New Jersey attorney is suing Microsoft for $1.75 million, claiming it didn't fix a verification issue that has cut him off from his paid work email, and therefore from communications with judges and clients, crippling his ability to deal with his caseload and leaving him at risk of making ethical violations. In the complaint …
Or Google, or pretty much any big tech.
We got DoSed by a Google server at a previous employer. Called Google, hours of recorded messages saying to refer to the relevant part of their website - I could find no pages dealing with a poorly configured Google server pumping 1gbps of data down our 10mbps link. (ISP confirmed that the Google IP address was pumping 1gbps to our address at their border)
I tried emailing them, I just got automated replies saying, "we get so many emails, they are simply deleted and no human looks at them." There account on Twitter didn't respond either.
In the end, had to go to our ISP and get them to put a border-block on the Google IP address. We managed to switch to a secondary line within a couple of weeks. About 4 months later, just before the contract with the old ISP ended and they capped the line, I checked the connection, Google was still stuffing more data down the link than it could handle.
I have somewhat recently had issues with outlook mail.
One of my e-mail addresses is an old MSN addressw, but I occasionally use it for a couple of things. A couple of months or so ago it suddenly gave me a boatload of login errors and would not work anymore with a POP3 client. After communicating a few times with MS they made it possible for me to use it as web mail, but POP3 was still broken.
After researching an obscure solutioin stuck out - change the password (or reset it or similar).
I have not yet tried this but I suppose I oughta. In the mean time MS insists that there is no problem with it.
Thought I would mention this.
So many places treat an email address as an ID. This is stupid on many levels, this being one of them. It's a destination for communications. It shouldn't be anything else. It might be an issue that's tangled up with this one but it's a distinct problem in its own right. In such circumstances if the ID is important then the email address should be one over which you have better control, ideally your own domain with a reliable MSP. Worst case you can change MSP.
So many places treat an email address as an ID. This is stupid on many levels, this being one of them.
Indeed. And then think about this situation: let's anticipate this whole mess. Show you're smarter than all sheeple nowadays, get back in touch with your punky DIY roots, take matters into your own hands: set up your own mail server on your own domain...
...and start off by "your integrity" being questioned at every instance, your messages landing in spam boxes all over the world, requiring you to wear a T shirt saying "I'm a tin foil hat wearing antisocial disruptive trouble maker", and not popping an artery when "services" keep sending you replies saying: "Please supply trusted email address for registration/ verification".
> start off by "your integrity" being questioned at every instance, your messages landing in spam boxes all over the world
Nonsense. Becoming a globally "trusted" email server is as simple as setting up SPF and DKIM. Of course if you don't know how to do that and can't be arsed to learn, you'd better stay with your Gmail address. Note I'm not an IT person, and yet I managed.
(Didn't downvote you though.)
My servers are in a data center in Santa Monica.
The occasion arises that a blacklist scuttles a while Class C (assholes, that hasn't been a viable metric since the early 2ks) not often.
And my servers have a signed contract with Microsoft/Hotmail/Live/Outlook and every few years they break contact screwing with filters and I have to sue, again.
I'm used to it I guess.
> And not trying to send emails from a known residential IP address block..
No indeed, sorry I forgot to say I'm not an IT person, my mail servers are hosted professionally by professionals in a data center, not on an old PC in the corner of the living room...
All right, I pay the extortionate sum of (around) $10/month, but fortunately I can afford that luxury...
"Nonsense. Becoming a globally "trusted" email server is as simple as setting up SPF and DKIM."
Which are set into name server(DNS), typically upstream of your own domain and either way totally outside of the scope of *email server* and typically *not* simple tasks. Anyone claiming that 'just add this and that into domain DNS is 'simple task' is a moron. Sorry about that.
Even more than when having your own email server isn't hard, but having your your dns is hard. Having being a sysadmin (in an ISP) I've done both, but every time we did change DNS, we had a colleague to verify before actual changes.
> totally outside of the scope of *email server* and typically *not* simple tasks
Thank you for name calling BTW, really classy. As I said further up, I indeed forgot to specify my servers are professionally hosted, so yes, I do have my own DNS records, and yes, it is kind of trivial to modify them once somebody tells you what to put there. I wouldn't suggest to anybody to set up his own server on an old computer at home, unless he already does this for a living. I don't.
Not by accident, it just happens some knowledgeable person who's job is to do such stuff kindly documented the lines to add, and from there it was just copy-modify-paste.
It's not like we're talking about some little-used experimental feature, those settings are used by all (most) of the serious mail servers out there...
Very rarely do I root for a USA lawyer, but this is an exception.
Most of the commentards on this forum understand two things:
1) Your email and similar services are business-critical
2) The big providers don't give a rat's arse about you, paying or not.
Hence why we would go with a smaller provider that actually responds to problems and has a face/voice. But maybe if the big provider's get slapped with serious fines they might actually start providing support for their paid services?
Damn, sorry, forgot this is not a joke. no they won't...
"2) The big providers don't give a rat's arse about you, paying or not."
Absolutely true. That's why my primary email is in small local provider: Not only they care, they are so local it takes 20 minute to drive in to their main office to complain on-site. It works for small companies, big ones just throw you out.
"Currently I'm using Google,"
Professionally? When I see a gmail address, I often look for another company or professional to do business with. 90% of the spam/scam stuff I get has a gmail address. While my hosting company isn't always top notch, at least they will get back to me and not via a message that states not to reply as nobody will look at a return message. In fact, many of those companies will only list a monitored email address once on a 1,000 page web site. This may be why so much dirt is dished in public on places like Twitter in a nasty way. It may be the only way to get any attention. I expect that Elon knows that and one of the few reasons Twitter hasn't completely folded up.
"Hence why we would go with a smaller provider that actually responds to problems and has a face/voice."
Early on I was hosted by a very local company and could take a drive over to the office along with some donuts/coffee and backup my web site, etc right at the source. If there were any issues, I could call somebody I've met and get a straight answer even if it was just that they aren't being told why there's an issue. At least I could troubleshoot that far.
Having Google or M$ host your online assets is just like banking with BofA or Wells Fargo. Unless you must have extended capabilities that can't be provided by somebody else, don't do it. Your opinion of them and your business does not matter. I expect that Joe Rogan has a wide enough audience that those companies might take notice, but if you were an 'influencer' with only 5-6 million subscribers, you wouldn't show on their Give-A-Crap-O-Meter.
Why do big automakers have to care? There are laws that make it quite easy for people to go after them if they are sold a duff car (new). The people will not only be given a replacement or their money back, they also get their attorney fees reimbursed as well which can be even more if the issue is dragged out.
But it is his domain. (see the screenshot) He's been paying for it for years according to whois.
He's employing MS to manage his email which for the vast majority of small companies is the only rational choice. Even if you are big enough to have an IT team managing a mail server, especially with a legal firms retention requirments is an expensive pain.
Fortunately I've never had to deal with the O365 support org but if they are anything like the Azure org I wish him luck. I've only once ever managed to break through to a real MS staffer, and then it took 8 weeks. And at that point they confirmed what I had discovered empirically 6 weeks before (for backups of SQL databases using Azure Recovery Service Vaults an IOP is 8MB and so those 5000 IOPs for the premium disk hit the bandwidth limit of the machine at less than 100 IOPs) about 5 seconds after I re-iterated the issue for the umpteenth time.
I'm sure he isn't meeting his legal retention requirements if he's managing it himself. Sounds like he's too cheap to pay someone else, and probably has Basic / E1 or maybe Standard, but should be on E3 for archiving and legal holds (making it so things never really get deleted, but get archived instead). For the rare customers that are smart enough to manage their own O365 tenant, I always separate their admin and email accounts to limit takeovers if they do really dumb things some day.
However, as a lawyer, you would have thought they might have read the terms of service that they agreed to by paying for the service.
It clearly outlines that while the service might provide some sort of electronic mail exchange, the instance of that service was by no means a warranty of a continuation of such service.
Silly lawyer.
"I'm sure he isn't meeting his legal retention requirements if he's managing it himself."
Records management is a whole course of study for law students. When a friend of mine went to law school a couple of years ago, they didn't push M$ as the only way to stay compliant. They taught what sorts of things had to be held, for how long. There is lots of software out there for managing a law firm that has all of the record keeping functionality built in.
Not as simple as that. I have my own domain and prefer to manage all my email through that. I work at an academic institution, though, so my "business" email address is necessarily in the institution's domain. I used to simply redirect all my work email through my domain - that was when my institution managed their own email system. Since they sold out big-time to Microsoft a few years ago, however, all work email is handled through MS. It's now entirely dysfunctional and I've lost the facility to manage it myself.
(I do understand my institution's reluctance to allow "external" management of email on the grounds of security and data privacy concerns, but on another level it makes no sense; once an email is up on a screen - any screen - it's essentially "out there" anyway - doesn't really matter how it got there.)
I've got an issue that I've reported weeks ago. My account was being brute forced, basically because I've had the email for nearly 30 years.
So go into O365, change the primary to one that isn't used anywhere online as a logon, remove the ability for anything else to be used as a log on. Happy Days.
Give it a week and suddenly Outlook for iPhone can no longer use the original mail alias. EVERYWHERE else can.
Call MS, get stuck on hold. Oh sorry you've come to the wrong team, get transferred, oh sorry you've come to the wrong team. You have to log on to outlook and send a message from the Settings there.
2 weeks later, no contact except for a "feedback email" in which I blitzed them to make myself feel better but will probably never be read.
This is why I can't STAND Cloud First, if anything goes wrong you're in the hands of MS Support and the very best you can tell management is....sorry boys nothing I can do while your company goes down the shitter...I'm off to the pub
I'm confused. This lawyer is suing because M$ mail has been useless since May. It's always been useless. That's why the evil empire* thought 25 years ago that Clippy was the solution.
Besides if email service is truly business-critical, you simply don't hand it over to any of the interweb's behemoths who don't give a shit and care even less about customer support.
* Other evil empires are now available these days, some even more evil.
Who do you hand it over to?
The plaintiff is a lawyer. I presume they know a lot about lawyerey things and spend a lot of time and effort making sure they remain current on developments in lawyering.
Why would they have any idea how to manage an email service? Of course they should outsource it.
Same as I outsource my lawyering needs.
And when it's business critical, the average layperson is likely to end up with one of the behemoths, if only because small fry are far more likely to either go bust or get bought out by a behemoth.
"Why would they have any idea how to manage an email service? Of course they should outsource it."
Some older executives used to 'manage' their email by printing it out (or having it printed for them) and filing it in folders the way they were used to doing with paper their entire careers.
You have to define what you mean by managing an email service. Most law office management software allows email from any email application to be saved within the program and tied/logged to a client or business contact (licensing board, courts, outside services). I can set up and tear down email addresses at will and I suppose that could be called managing, but it's not that hard and I only do that a couple of times a year when I change out my spam-catchers. I get it that attorneys are often not very bright when it comes to technical things, but they'd be better off borrowing somebody's teenage kid to do it for them it they are that lost rather than trusting M$ or Google.
Sounds like a "know it all" lawyer self managing their IT. Had he ponied up the cash for even the most basic of IT management from a reputable MSP, he would be back in his account in minutes, or have his email forwarded to a secondary account if there was something seriously corrupt in his profile. I bet he also has admin permissions on the same login as his email, opening the door for easy phishing takeovers.
This post has been deleted by its author
"from a reputable MSP"
You don't understand: To lawyers Microsoft *is* "a reputable MSP". Until it isn't,of course.
What is "reputable" is very personal and/or profession related: Even to many (inexperienced/young) IT people MS is 'a reputable company'. They weren't even born when Bill-boy expanded his monopoly and they have no idea how he still keeps major parts of it.
The number of times I have had this conversation with CEO’s and/or senior managers of companies.
When it all works, and to be fair, this is probably true for the vast, vast majority of customers, then fine - the issue is what happens in the minority of cases when it all goes ‘nipples-north’ as a, now sadly departed, colleague of mine referred to such incidents as?
And as I have needed to explain to a number of really senior people in companies, and they really don’t like it, but alas, the truth, ‘look, you are the CEO of this company and hence, you think you are important, but it’s a case of scale, from Microsoft’s or Amazon’s perspective you’re,’ remind me, who are you again?’ From their perspective, you and your company are like ants to a giant, they’re vaguely aware of your existence but other than that….You go out of business tomorrow with the loss of x jobs, well, I’m sure Sundar Pichai, or Satya Nedellar will be losing sleep over it tonight!
Or maybe not!
It’s all a bit of a gamble really, it’ll probably, we’ll almost certainly, be OK - expect……!
in the words of the great Harry Callighan, ‘do you feel lucky, well do yeh, punk….?’
After it became obvious that MS weren't going to fix it soon, I would have created a temp mail box elsewhere, logged into my DNS portal and redircted the MX, SPF etc to that - just so that I could function.
I'd then use the onmicrosoft email to test the old account.
That said, this gentleman might not have the knowledge to do this.
"After it became obvious that MS weren't going to fix it soon, I would have created a temp mail box elsewhere, logged into my DNS portal and redircted the MX, SPF etc to that - just so that I could function."
Precisely. I have my online assets set up so I can move to a new host in a matter of hours. My domains are registered through separate companies than my hosting account and everything is backed up on a regular basis. My host just had to move over the weekend as the DC where they had their racks decided to close down with less than a week's notice to their customers. I suppose it could have been worse than that, but if the hosting company I use got dragged down due to this, I'd be ok other than a day or so down. I tell my customers to call me (no text) if they ever send an email and I don't acknowledge I received it. As much as I can fix things, there are still plenty of things I can't do anything about and never will have control over them.
$1.75 million seems a lot for the failure of a $6 per month service.
Form the complaint.
"5. Starting in 2010 the Plaintiff Law Offices of David M. Schlachter, LLC (“Law Office”) utilized a new product on the market that Defendant was providing, Office 365.
6. At the time, this was a free service that provided free email and website.
7. Commencing July 2017 this service became subscription only.
8. Plaintiff Law Office switched its web hosting to another service but paid Defendant for email use.
9. From July 2017 until January 2021 Plaintiff law office paid $5 a month per email address used.
10. Commending around January 2021 the cost increased to $6 per email address used.
11. On May 10, 2023, Mr. Schlachter could not longer access his email, the one he paid Defendant for (@lawdms.com). "
Does not seem the lawyer thought the service was that important, after all he was running MS's free email and website version for 7 years. Only started paying when it was no longer free, moving web hosting to another service provider and paying MS for the email.
I tell the people I work with to always own their domains and keep them separate from any other company such as M$, Google or any hosting firm. A domain and especially one you've had for years is a very valuable asset. If you are forced to change your domain, it's going to be painful.
Once upon a time, about a decade ago, I read the T&Cs for Microsoft Windows.
There was a clause that, if anything goes wrong, such as Windows eating your homework, and unless you can prove gross negligence, damages are limited to the amount of money that you paid for the Windows license, or US$ 50, or the actual damages incurred, whatever is less.
It wouldn't surprise me if a similar clause applied here. So good luck attempting to prove gross negligence against an army of lawyers.
1. We are dealing with a lawyer - they shouldn't be trusted with anything more technical than a baby play centre.
2/ We are dealing with a lawyer - he can well afford to pay someone else to fix it.
For case 2, I hope they charge the lawyer for the time they are on hold with customer support. :-)
Here's an idea,
Lets bring back humans to manage these takes, lets make humans great again!
All this stuff about never seeing your clients, not speaking to them on a human level, just shaking them down for all you can, well how about a general service desk where you can just ring a number and get sorted, sounds a bit radical, but if we could put a man on the moon in the 60's we can surely sort out someones access to their e-mail account!
Radical I know.