[Lightbody]

This is a great reminder that when working with test data for stuff like email delivery, always use example.com (or a few other similar TLDs) and not stuff like "test.com" or "acme.com" or "dummyuser.com". I see this all the time by devs and they don't understand the risk and why example.com was put into the standards.

[psadauskas]

I always use `myco.example` for testing requests and emails, as well as documentation. https://en.wikipedia.org/wiki/.example

It'll never resolve to anything, and makes it really obvious the code is for testing or sample code.

[orev]

Never heard of the .example TLD, so thanks for that. However, an issue I see with it is that it doesn’t look like a domain name. Things that end in ‘.com’ are synonymous with domain names, regardless of how accurate that assumption really is. I think people are just starting to get familiar with these new alternative TLD names, but I can easily see business people not understanding ‘myco.example’, while they would understand ’example.com’.

[tomcam]

No guarantee an .example TLD won't be created

[magicconch]

The first line of the linked Wikipedia page states that it will never be created.

[tomcam]

Ahem. Thank you.

[renewiltord]

Literally the standard, my dude. https://datatracker.ietf.org/doc/html/rfc2606#section-2

[throwawayboise]

Standards can change, but I guess if you allow for that, example.com is no better.

[tomcam]

Doh! Thank you for the correction. I thought I had read that RFC

[tomcam]

Well I am hilariously wrong. Thanks, renewiltord.

https://news.ycombinator.com/item?id=29629387

[linuxlizard]

I have a .com domain with 'test' in the name. I was mildly DNS spammed because Microsoft admins would create that thing with test in the name. I'd get 10-20 DNS packets a day. I moved it to an external DNS provider just to give my logs a break.

[mathfailure]

20 packets a day? Phew! So you barely survived the DDoS!

[tsss]

Well, you also have to run the Kubernetes cluster, ELK stack, Postgres, Redis, Kafka, Prometheus, Grafana and Jaeger to monitor the application and scale elastically between 0 and 20 packets.

[3np]

Maybe they’re running their DNS server on a solar-powered Arduino.

[Uehreka]

At least you’re not a sysadmin for Contoso, those folks must have their hands full.

[GauntletWizard]

I have an integration test domain. It's just another domain, so far as my systems are concerned, but it's another domain I own and sign up as a customer for all my services. Rather: I sign it up as a customer on my staging instance, which is a real, public facing instance, that gets no advertising.

It's a real domain with functioning... whatever I need to test. Email, DNS, Identity servers, etc.

[tdrdt]

Exactly this. People heavily underestimate how many domain names are registered.

There is a huge chance that you hit a mailbox when you make up an email address.

[throwawayboise]

Yep, even if you use a "random" email address like j4i58tujq45uh@foobar.com, they may very well have a "catch all" email account that will receive that mail.