It's not "we received a letter about you". If they get a NSL, then they _don't_ post the canary. That's a key difference, between action and inaction, and it's what the whole thing rests on.
I'm saying that the reason warrant canaries haven't gotten companies in trouble yet is because they're so vague as to be practically useless and that revealing to a person that they were the target of an NSL, through either action or inaction, would probably be over the line legally.
At the very least it'd be a massively expensive test case and the companies that have the money to pay for that have too much to lose on a case that isn't solid. It'll come down to the very technical legal question of action vs inaction that would probably wind up in the supreme court.
Not that it's been tested in (non-secret) court.