back to article Attorney sues Microsoft for $1.75M, claiming his email has been useless since May

A New Jersey attorney is suing Microsoft for $1.75 million, claiming it didn't fix a verification issue that has cut him off from his paid work email, and therefore from communications with judges and clients, crippling his ability to deal with his caseload and leaving him at risk of making ethical violations. In the complaint …

  1. JWLong Silver badge

    We have asked the company for comment. ®

    Might as well go talk to a wall!

    1. Boris the Cockroach Silver badge

      Re: We have asked the company for comment. ®

      Seems that lawyer had enough of talking to that wall.

      Maybe this should be an inspiration for the rest of us working with m$ software/services....

    2. DJV Silver badge

      Re: We have asked the company for comment. ®

      "Might as well go talk to Apple!"

      FTFY

      1. big_D Silver badge

        Re: We have asked the company for comment. ®

        Or Google, or pretty much any big tech.

        We got DoSed by a Google server at a previous employer. Called Google, hours of recorded messages saying to refer to the relevant part of their website - I could find no pages dealing with a poorly configured Google server pumping 1gbps of data down our 10mbps link. (ISP confirmed that the Google IP address was pumping 1gbps to our address at their border)

        I tried emailing them, I just got automated replies saying, "we get so many emails, they are simply deleted and no human looks at them." There account on Twitter didn't respond either.

        In the end, had to go to our ISP and get them to put a border-block on the Google IP address. We managed to switch to a secondary line within a couple of weeks. About 4 months later, just before the contract with the old ISP ended and they capped the line, I checked the connection, Google was still stuffing more data down the link than it could handle.

    3. bombastic bob Silver badge
      Meh

      Re: We have asked the company for comment. ®

      I have somewhat recently had issues with outlook mail.

      One of my e-mail addresses is an old MSN addressw, but I occasionally use it for a couple of things. A couple of months or so ago it suddenly gave me a boatload of login errors and would not work anymore with a POP3 client. After communicating a few times with MS they made it possible for me to use it as web mail, but POP3 was still broken.

      After researching an obscure solutioin stuck out - change the password (or reset it or similar).

      I have not yet tried this but I suppose I oughta. In the mean time MS insists that there is no problem with it.

      Thought I would mention this.

  2. Doctor Syntax Silver badge

    I didn't realise setting up a second email account was so difficult in New Jersey.

    1. Spanners
      Facepalm

      Second email account

      The MS one is the official account that official bodies will deal with. I expect he shows it in his adverts and so on.

      He chose to have his MS hosted one be the account. I have changed email addresses with banks etc. They require confirmation from the old address!

      1. Doctor Syntax Silver badge

        Re: Second email account

        So many places treat an email address as an ID. This is stupid on many levels, this being one of them. It's a destination for communications. It shouldn't be anything else. It might be an issue that's tangled up with this one but it's a distinct problem in its own right. In such circumstances if the ID is important then the email address should be one over which you have better control, ideally your own domain with a reliable MSP. Worst case you can change MSP.

        1. NATTtrash
          Mushroom

          Re: Second email account

          So many places treat an email address as an ID. This is stupid on many levels, this being one of them.

          Indeed. And then think about this situation: let's anticipate this whole mess. Show you're smarter than all sheeple nowadays, get back in touch with your punky DIY roots, take matters into your own hands: set up your own mail server on your own domain...

          ...and start off by "your integrity" being questioned at every instance, your messages landing in spam boxes all over the world, requiring you to wear a T shirt saying "I'm a tin foil hat wearing antisocial disruptive trouble maker", and not popping an artery when "services" keep sending you replies saying: "Please supply trusted email address for registration/ verification".

          1. ThatOne Silver badge

            Re: Second email account

            > start off by "your integrity" being questioned at every instance, your messages landing in spam boxes all over the world

            Nonsense. Becoming a globally "trusted" email server is as simple as setting up SPF and DKIM. Of course if you don't know how to do that and can't be arsed to learn, you'd better stay with your Gmail address. Note I'm not an IT person, and yet I managed.

            (Didn't downvote you though.)

            1. CrazyOldCatMan Silver badge

              Re: Second email account

              Becoming a globally "trusted" email server is as simple as setting up SPF and DKIM

              And not trying to send emails from a known residential IP address block..

              1. Diogenes8080

                Re: Second email account

                You missed out the bit where the IP is dynamically allocated, the DNS is dynamic and the ISP themselves have listed the whole pool in the Spamhaus PBL.

                Not that I know the sender, I'm just speculating...

              2. Agamemnon

                Re: Second email account

                My servers are in a data center in Santa Monica.

                The occasion arises that a blacklist scuttles a while Class C (assholes, that hasn't been a viable metric since the early 2ks) not often.

                And my servers have a signed contract with Microsoft/Hotmail/Live/Outlook and every few years they break contact screwing with filters and I have to sue, again.

                I'm used to it I guess.

              3. ThatOne Silver badge
                Happy

                Re: Second email account

                > And not trying to send emails from a known residential IP address block..

                No indeed, sorry I forgot to say I'm not an IT person, my mail servers are hosted professionally by professionals in a data center, not on an old PC in the corner of the living room...

                All right, I pay the extortionate sum of (around) $10/month, but fortunately I can afford that luxury...

            2. Anonymous Coward
              Anonymous Coward

              Re: Second email account

              "Nonsense. Becoming a globally "trusted" email server is as simple as setting up SPF and DKIM."

              Which are set into name server(DNS), typically upstream of your own domain and either way totally outside of the scope of *email server* and typically *not* simple tasks. Anyone claiming that 'just add this and that into domain DNS is 'simple task' is a moron. Sorry about that.

              Even more than when having your own email server isn't hard, but having your your dns is hard. Having being a sysadmin (in an ISP) I've done both, but every time we did change DNS, we had a colleague to verify before actual changes.

              1. Yet Another Anonymous coward Silver badge

                Re: Second email account

                >having your own email server isn't hard

                Getting it hosted by someone who isn't blacklisted as spam by MSFT and GOOG is

              2. ThatOne Silver badge
                Meh

                Re: Second email account

                > totally outside of the scope of *email server* and typically *not* simple tasks

                Thank you for name calling BTW, really classy. As I said further up, I indeed forgot to specify my servers are professionally hosted, so yes, I do have my own DNS records, and yes, it is kind of trivial to modify them once somebody tells you what to put there. I wouldn't suggest to anybody to set up his own server on an old computer at home, unless he already does this for a living. I don't.

            3. Anonymous Coward
              Anonymous Coward

              Re: Second email account

              "Note I'm not an IT person, and yet I managed."

              Apparently by accident: Modifying DNS records is theoretically documented but in practise black art. Unless you FUBAR, of course.

              1. ThatOne Silver badge

                Re: Second email account

                Not by accident, it just happens some knowledgeable person who's job is to do such stuff kindly documented the lines to add, and from there it was just copy-modify-paste.

                It's not like we're talking about some little-used experimental feature, those settings are used by all (most) of the serious mail servers out there...

            4. Agamemnon

              Re: Second email account

              This is how I do it.

        2. ThatOne Silver badge

          Re: Second email account

          > So many places treat an email address as an ID. This is stupid on many levels

          That's true, but is hardly new: Since the WWW took off, email addresses have been the login to your account about anywhere. It's a fact of life and one should better adapt to it.

        3. MachDiamond Silver badge

          Re: Second email account

          "So many places treat an email address as an ID."

          There's also the problem of some companies using your telephone number. If somebody nicks your phone, they can access all sorts of things.

  3. Paul Crawford Silver badge

    Very rarely do I root for a USA lawyer, but this is an exception.

    Most of the commentards on this forum understand two things:

    1) Your email and similar services are business-critical

    2) The big providers don't give a rat's arse about you, paying or not.

    Hence why we would go with a smaller provider that actually responds to problems and has a face/voice. But maybe if the big provider's get slapped with serious fines they might actually start providing support for their paid services?

    Damn, sorry, forgot this is not a joke. no they won't...

    1. Anonymous Coward
      Anonymous Coward

      "2) The big providers don't give a rat's arse about you, paying or not."

      Absolutely true. That's why my primary email is in small local provider: Not only they care, they are so local it takes 20 minute to drive in to their main office to complain on-site. It works for small companies, big ones just throw you out.

      1. Orv Silver badge

        I've had bad luck with small providers either going out of business or being bought out.

        Currently I'm using Google, but I have my own domain I can pick up and take elsewhere if I don't like the way things are going.

        1. MachDiamond Silver badge

          "Currently I'm using Google,"

          Professionally? When I see a gmail address, I often look for another company or professional to do business with. 90% of the spam/scam stuff I get has a gmail address. While my hosting company isn't always top notch, at least they will get back to me and not via a message that states not to reply as nobody will look at a return message. In fact, many of those companies will only list a monitored email address once on a 1,000 page web site. This may be why so much dirt is dished in public on places like Twitter in a nasty way. It may be the only way to get any attention. I expect that Elon knows that and one of the few reasons Twitter hasn't completely folded up.

          1. John Brown (no body) Silver badge

            FWIW, he said "Currently I'm using Google, but I have my own domain"

            I doubt he owns the gmail domain.

          2. Orv Silver badge

            I use Google Apps with my own custom domain. So no, it's not a gmail address.

    2. MachDiamond Silver badge

      "Hence why we would go with a smaller provider that actually responds to problems and has a face/voice."

      Early on I was hosted by a very local company and could take a drive over to the office along with some donuts/coffee and backup my web site, etc right at the source. If there were any issues, I could call somebody I've met and get a straight answer even if it was just that they aren't being told why there's an issue. At least I could troubleshoot that far.

      Having Google or M$ host your online assets is just like banking with BofA or Wells Fargo. Unless you must have extended capabilities that can't be provided by somebody else, don't do it. Your opinion of them and your business does not matter. I expect that Joe Rogan has a wide enough audience that those companies might take notice, but if you were an 'influencer' with only 5-6 million subscribers, you wouldn't show on their Give-A-Crap-O-Meter.

      Why do big automakers have to care? There are laws that make it quite easy for people to go after them if they are sold a duff car (new). The people will not only be given a replacement or their money back, they also get their attorney fees reimbursed as well which can be even more if the issue is dragged out.

  4. captain veg Silver badge

    real lesson

    I wish the guy luck, and his treatment has been, on the face of it, beyond shabby.

    But the real lesson has to be that you can't trust any email address that isn't in a domain that you own.

    -A.

    1. alain williams Silver badge

      Re: real lesson

      But the real lesson has to be that you can't trust any email address that isn't in a domain that you own.

      And on computing equipment that you either control or is controlled by someone who you can visit when holding a cricket bat.

    2. _gh_

      Re: real lesson

      But it is his domain. (see the screenshot) He's been paying for it for years according to whois.

      He's employing MS to manage his email which for the vast majority of small companies is the only rational choice. Even if you are big enough to have an IT team managing a mail server, especially with a legal firms retention requirments is an expensive pain.

      Fortunately I've never had to deal with the O365 support org but if they are anything like the Azure org I wish him luck. I've only once ever managed to break through to a real MS staffer, and then it took 8 weeks. And at that point they confirmed what I had discovered empirically 6 weeks before (for backups of SQL databases using Azure Recovery Service Vaults an IOP is 8MB and so those 5000 IOPs for the premium disk hit the bandwidth limit of the machine at less than 100 IOPs) about 5 seconds after I re-iterated the issue for the umpteenth time.

      1. GrizzleeAdams

        Re: real lesson

        I'm sure he isn't meeting his legal retention requirements if he's managing it himself. Sounds like he's too cheap to pay someone else, and probably has Basic / E1 or maybe Standard, but should be on E3 for archiving and legal holds (making it so things never really get deleted, but get archived instead). For the rare customers that are smart enough to manage their own O365 tenant, I always separate their admin and email accounts to limit takeovers if they do really dumb things some day.

        1. mevets

          The real lesson is not victim shaming.....

          However, as a lawyer, you would have thought they might have read the terms of service that they agreed to by paying for the service.

          It clearly outlines that while the service might provide some sort of electronic mail exchange, the instance of that service was by no means a warranty of a continuation of such service.

          Silly lawyer.

        2. MachDiamond Silver badge

          Re: real lesson

          "I'm sure he isn't meeting his legal retention requirements if he's managing it himself."

          Records management is a whole course of study for law students. When a friend of mine went to law school a couple of years ago, they didn't push M$ as the only way to stay compliant. They taught what sorts of things had to be held, for how long. There is lots of software out there for managing a law firm that has all of the record keeping functionality built in.

      2. MachDiamond Silver badge

        Re: real lesson

        "He's employing MS to manage his email which for the vast majority of small companies is the only rational choice."

        I don't agree with that. It's through using M$ email products that one requires extensive support in the first place.

    3. tracker1

      Re: real lesson

      Who said it isn't his corporate domain? It's entirely possible you'd is entertained with office 365 through a management account tethered to email on said domain. Can't transfer it without login access which is the same as email.

    4. LionelB Silver badge

      Re: real lesson

      Not as simple as that. I have my own domain and prefer to manage all my email through that. I work at an academic institution, though, so my "business" email address is necessarily in the institution's domain. I used to simply redirect all my work email through my domain - that was when my institution managed their own email system. Since they sold out big-time to Microsoft a few years ago, however, all work email is handled through MS. It's now entirely dysfunctional and I've lost the facility to manage it myself.

      (I do understand my institution's reluctance to allow "external" management of email on the grounds of security and data privacy concerns, but on another level it makes no sense; once an email is up on a screen - any screen - it's essentially "out there" anyway - doesn't really matter how it got there.)

  5. Blackjack Silver badge

    This is why I have my e-mails accounts foward e-mails to each other, it may not be safe or whatever but it has helped when I somehow ended looked out from one of my email accounts.

  6. Anonymous Coward
    Anonymous Coward

    MS Support are AWFUL

    I've got an issue that I've reported weeks ago. My account was being brute forced, basically because I've had the email for nearly 30 years.

    So go into O365, change the primary to one that isn't used anywhere online as a logon, remove the ability for anything else to be used as a log on. Happy Days.

    Give it a week and suddenly Outlook for iPhone can no longer use the original mail alias. EVERYWHERE else can.

    Call MS, get stuck on hold. Oh sorry you've come to the wrong team, get transferred, oh sorry you've come to the wrong team. You have to log on to outlook and send a message from the Settings there.

    2 weeks later, no contact except for a "feedback email" in which I blitzed them to make myself feel better but will probably never be read.

    This is why I can't STAND Cloud First, if anything goes wrong you're in the hands of MS Support and the very best you can tell management is....sorry boys nothing I can do while your company goes down the shitter...I'm off to the pub

  7. CowHorseFrog Silver badge

    There must be something wrong with the article why doesnt Microsoft just copy Google and have no contact phone or email ?

    1. Yet Another Anonymous coward Silver badge

      Because Microsoft charge for accounts.

      Charging lawyers for services that you don't deliver is more evil than giving away free email and not giving a stuff when it goes wrong.

  8. Anonymous Coward
    Anonymous Coward

    lawyer doesn't know what bears do in the woods! film at 11!

    I'm confused. This lawyer is suing because M$ mail has been useless since May. It's always been useless. That's why the evil empire* thought 25 years ago that Clippy was the solution.

    Besides if email service is truly business-critical, you simply don't hand it over to any of the interweb's behemoths who don't give a shit and care even less about customer support.

    * Other evil empires are now available these days, some even more evil.

    1. Richard 12 Silver badge

      Re: lawyer doesn't know what bears do in the woods! film at 11!

      Who do you hand it over to?

      The plaintiff is a lawyer. I presume they know a lot about lawyerey things and spend a lot of time and effort making sure they remain current on developments in lawyering.

      Why would they have any idea how to manage an email service? Of course they should outsource it.

      Same as I outsource my lawyering needs.

      And when it's business critical, the average layperson is likely to end up with one of the behemoths, if only because small fry are far more likely to either go bust or get bought out by a behemoth.

      1. MachDiamond Silver badge

        Re: lawyer doesn't know what bears do in the woods! film at 11!

        "Why would they have any idea how to manage an email service? Of course they should outsource it."

        Some older executives used to 'manage' their email by printing it out (or having it printed for them) and filing it in folders the way they were used to doing with paper their entire careers.

        You have to define what you mean by managing an email service. Most law office management software allows email from any email application to be saved within the program and tied/logged to a client or business contact (licensing board, courts, outside services). I can set up and tear down email addresses at will and I suppose that could be called managing, but it's not that hard and I only do that a couple of times a year when I change out my spam-catchers. I get it that attorneys are often not very bright when it comes to technical things, but they'd be better off borrowing somebody's teenage kid to do it for them it they are that lost rather than trusting M$ or Google.

  9. Doug 3

    well, maybe this lawyer should try another email system as soon as access is restored. Maybe this one will send a message:

    https://docs.linuxfoundation.org/lfx/my-profile/know-your-individual-dashboard/about-me/email-management/purchasing-linux-email

  10. GrizzleeAdams
    FAIL

    Should have paid for IT support

    Sounds like a "know it all" lawyer self managing their IT. Had he ponied up the cash for even the most basic of IT management from a reputable MSP, he would be back in his account in minutes, or have his email forwarded to a secondary account if there was something seriously corrupt in his profile. I bet he also has admin permissions on the same login as his email, opening the door for easy phishing takeovers.

    1. This post has been deleted by its author

    2. Anonymous Coward
      Anonymous Coward

      Re: Should have paid for IT support

      "from a reputable MSP"

      You don't understand: To lawyers Microsoft *is* "a reputable MSP". Until it isn't,of course.

      What is "reputable" is very personal and/or profession related: Even to many (inexperienced/young) IT people MS is 'a reputable company'. They weren't even born when Bill-boy expanded his monopoly and they have no idea how he still keeps major parts of it.

      1. mevets

        Re: Should have paid for IT support

        Microsoft are a criminally convicted company. While some lawyers view criminals as their most important customers, you might have thought they would have learned a thing or two.

        1. Anonymous Coward
          Anonymous Coward

          Re: Should have paid for IT support

          Criminals who pay their bills are excellent clients.

          It's the ones who don't that find it hard to get competent legal representation.

  11. X5-332960073452
    Alert

    Why only one recovery / verification method setup, should have at least two (or more) configured, little sympathy here!

    1. Anonymous Coward
      Anonymous Coward

      "should have at least two (or more) configured, little sympathy here!"

      AFAIK MS (O365) doesn't allow more than one. You may choose what it is but still only one. It's not *always* the user.

      1. Anonymous Coward
        Anonymous Coward

        Doesn't surprise me, although just plain outlook.com allows multiple verification methods.

        Either way, doesn't help when the verification part seems broken in some way.

  12. Excused Boots Silver badge

    The number of times I have had this conversation with CEO’s and/or senior managers of companies.

    When it all works, and to be fair, this is probably true for the vast, vast majority of customers, then fine - the issue is what happens in the minority of cases when it all goes ‘nipples-north’ as a, now sadly departed, colleague of mine referred to such incidents as?

    And as I have needed to explain to a number of really senior people in companies, and they really don’t like it, but alas, the truth, ‘look, you are the CEO of this company and hence, you think you are important, but it’s a case of scale, from Microsoft’s or Amazon’s perspective you’re,’ remind me, who are you again?’ From their perspective, you and your company are like ants to a giant, they’re vaguely aware of your existence but other than that….You go out of business tomorrow with the loss of x jobs, well, I’m sure Sundar Pichai, or Satya Nedellar will be losing sleep over it tonight!

    Or maybe not!

    It’s all a bit of a gamble really, it’ll probably, we’ll almost certainly, be OK - expect……!

    in the words of the great Harry Callighan, ‘do you feel lucky, well do yeh, punk….?’

  13. Trigun

    After it became obvious that MS weren't going to fix it soon, I would have created a temp mail box elsewhere, logged into my DNS portal and redircted the MX, SPF etc to that - just so that I could function.

    I'd then use the onmicrosoft email to test the old account.

    That said, this gentleman might not have the knowledge to do this.

    1. MachDiamond Silver badge

      "After it became obvious that MS weren't going to fix it soon, I would have created a temp mail box elsewhere, logged into my DNS portal and redircted the MX, SPF etc to that - just so that I could function."

      Precisely. I have my online assets set up so I can move to a new host in a matter of hours. My domains are registered through separate companies than my hosting account and everything is backed up on a regular basis. My host just had to move over the weekend as the DC where they had their racks decided to close down with less than a week's notice to their customers. I suppose it could have been worse than that, but if the hosting company I use got dragged down due to this, I'd be ok other than a day or so down. I tell my customers to call me (no text) if they ever send an email and I don't acknowledge I received it. As much as I can fix things, there are still plenty of things I can't do anything about and never will have control over them.

  14. Alan W. Rateliff, II
    Windows

    A tale as old as time

    So many licenses lost linked to bunged Microsoft accounts. So many services linked to bunged Microsoft accounts lost. So many hours lost to Microsoft support, each call turning into a side quest. Here comes someone with chutzpah. Godspeed.

  15. Falmari Silver badge

    $6 per month service

    $1.75 million seems a lot for the failure of a $6 per month service.

    Form the complaint.

    "5. Starting in 2010 the Plaintiff Law Offices of David M. Schlachter, LLC (“Law Office”) utilized a new product on the market that Defendant was providing, Office 365.

    6. At the time, this was a free service that provided free email and website.

    7. Commencing July 2017 this service became subscription only.

    8. Plaintiff Law Office switched its web hosting to another service but paid Defendant for email use.

    9. From July 2017 until January 2021 Plaintiff law office paid $5 a month per email address used.

    10. Commending around January 2021 the cost increased to $6 per email address used.

    11. On May 10, 2023, Mr. Schlachter could not longer access his email, the one he paid Defendant for (@lawdms.com). "

    Does not seem the lawyer thought the service was that important, after all he was running MS's free email and website version for 7 years. Only started paying when it was no longer free, moving web hosting to another service provider and paying MS for the email.

    1. MachDiamond Silver badge

      Re: $6 per month service

      I tell the people I work with to always own their domains and keep them separate from any other company such as M$, Google or any hosting firm. A domain and especially one you've had for years is a very valuable asset. If you are forced to change your domain, it's going to be painful.

    2. fpx

      Re: $6 per month service

      Once upon a time, about a decade ago, I read the T&Cs for Microsoft Windows.

      There was a clause that, if anything goes wrong, such as Windows eating your homework, and unless you can prove gross negligence, damages are limited to the amount of money that you paid for the Windows license, or US$ 50, or the actual damages incurred, whatever is less.

      It wouldn't surprise me if a similar clause applied here. So good luck attempting to prove gross negligence against an army of lawyers.

  16. spold Silver badge

    Keep in mind....

    1. We are dealing with a lawyer - they shouldn't be trusted with anything more technical than a baby play centre.

    2/ We are dealing with a lawyer - he can well afford to pay someone else to fix it.

    For case 2, I hope they charge the lawyer for the time they are on hold with customer support. :-)

  17. An_Old_Dog Silver badge
    Joke

    Microsoft Support Services DID Respond!

    They sent him an email asking for more details, and as yet, he has not answered it.

    TICKET #3288959883848920482 STATUS: pending customer response.

  18. Fizban64
    Pint

    Bring back Humans!

    Here's an idea,

    Lets bring back humans to manage these takes, lets make humans great again!

    All this stuff about never seeing your clients, not speaking to them on a human level, just shaking them down for all you can, well how about a general service desk where you can just ring a number and get sorted, sounds a bit radical, but if we could put a man on the moon in the 60's we can surely sort out someones access to their e-mail account!

    Radical I know.

  19. Obo010

    Wait, if it's a business account with MS, why cant he just disable the 2-Step via admin? And also, to re enable it, inztesd he can use an authenticator app instead of verifying via number.

    Atleast that way he can access the account instantly. Am I missing something here?

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like