Last week we were starting to test an application that I implemented for a customer. Part of that application does approval workflows, so we had to create test users. We did not want to disturb real users with emails, so the customer created the test users with “email@example.com” email addresses.
After about a week we started getting bounce messages from firstname.lastname@example.org ;)
The emails that were sent also contained user names and passwords for newly created users. Granted, only for test systems that are not accessible from anywhere, but still: in this day and age, you need to be careful with email systems.
I wonder how many emails, and how many ones with “interesting” content, the postmaster for test.com is receiving from people all over the world…
Time to ask yourself: what are you entering in the email address field when you’re testing something, or providing dummy data in a web registration form?