Yeah, Chris seems a bit of prick:

    "Just the fact that you listed your emails says it all."

Especially considering the context. It seemed pretty clear that the user was posting the email address publicly for the first time.

That is just awful, and is an awkward example of why you may not want unpaid, mostly un-vetted volunteers as the public face of a company.

Thank you!

I was wary of this thread showing up on HN because I felt I was a bit unkind when posting in that thread, but Chris' comment towards me seemed completely unjustified. And he deleted a prior post along the same lines, hence why I quoted him on my next post.

I also use unique addresses for every site, and while my Dropbox email wasn't compromised, I've occasionally gotten that response from tech support elsewhere.

You mean that tim-somespecificsite@mydomain.com was randomly compromised, but NO OTHER random email was mailed to me? No, that's not how spammers work. If they'd decided to spam tim-*, I would have gotten hundreds of emails...sigh...

Looks like Chris is battening down the hatches. His linked site[1] was up about an hour ago, but it redirects to a placeholder now. Also, he's deleted all but his first comment, wish I'd taken a screenshot of his other comments.

Tangentially related: It drives me nuts to deal with people whose default answers are "no," "you must be doing it wrong" and so on. Particularly the moderators who insisted someone must have guessed a ten digit random email address -- because Dropbox and its vendors couldn't POSSIBLY have ever done anything wrong, and it's MUCH more likely that a spammer magically brute-forced a 10 billion combination address! Grrr. I'm not sure what the right word is to describe that sort of personality, but such people should never have contact with customers. Or with me.

[1] http://cjwworld.cu.cc/

It's not just a 10-character address. It's a 10-character address on a non-standard domain (or so the conversation led me to believe). All without getting another email on that domain's catch-all address. If it was a spammer, who randomly-generated addresses on this domain, I would imagine that they would have been shotgunned across the whole domain. Not just hit that one single address.

Aaaannd cue internet vigilantes: http://cjwworld.cu.cc/?p=216#comments

Site appears to be up now.

Sounds like they're volunteers, not employees: https://forums.dropbox.com/topic.php?id=97303&page=2#pos...

They have a title, and that must mean they have authority. Volunteers are a fine thing, but make sure the title listed has the word "volunteer" in it else they will taken for employees.

On a side note, why the heck does dropbox have volunteers running their support forum? At this stage, cost savings isn't worth the reputation hit.

"On a side note, why the heck does dropbox have volunteers running their support forum?"

If I had to guess - I'd suspect three or four "nines" of their customer support workload comes from their "free tier" non-customers. (Having said that, there's evidence upthread in these HN discussions saying they're also dropping the support ball for paying, even team-account-sized paying customers - that's not OK...)

Doesn't really matter for dropbox users though. They're the people the seller is putting in charge of being its face in the support place, and they're awful.

why wouldn't you want your employees having contact with your customers?

GP means that, if these are employees, their capacity for dealing with customers is so low that it's a net negative for them to continue doing so.

Yes. That's what I meant. Sorry for my broken English.