Neil Turner's Blog

Blogging about technology and randomness since 2002

Catching all again

About 6 weeks ago a spammer starting using random addresses at the domain as the return address for his canadian pharmacy spam, which resulted in me being deluged by delivery failure messages until I turned off the ‘catch-all’ feature in my email settings which redirected all mail sent to this domain to my mailbox.
Anyway, I’m pleased to say that the deluge has now stopped, and that the catch-all feature is now enabled again. During the time that I had it disabled, I had the messages redirected to another account which I cleared out using Webmail, so I didn’t actually lose any emails not sent to my main account.
I’ve also resurrected an old email address that I haven’t really used in a while – neilturner at myrealbox dot com. This used to be my old primary address but I’ve since all but stopped using it, mainly because it receives so much spam. Anyway, mail from that account is being forwarded to Gmail, and Gmail’s spam filter is currently filtering about 98% of the spam that account receives. Though as yet I’ve only received one legitimate message from someone who hadn’t updated my details.
I don’t know how permanent this will be though so don’t go adding my myrealbox address to your address books. neil at this domain is still my primary address.

5 Comments

  1. You have inspired me to check my catchall again to see if the spammers have either stopped using it or at least slowed down.
    I would say that over 2 years ago, my domain was used for spamming. I found I was getting about 500 bounce messages a day a couple of days later. It didn’t take long for me to send the catchall to :blackhole: to ignore it.
    I have checked it occasionally before, but saw it was still happening.
    I decided to take a page from your book and create an address that the catchall goes to so that I can at least check the account occasionally to see if it’s stopped yet.

  2. If you are on a cPanel server, it is more efficient to use the “:fail: no such address here” setting then “:blackhole:”. This is because :fail: rejects the message before it is completely sent to the server (therefore it doesn’t use up as much bandwidth/processing), whereas :blackhole: causes the email to be “delivered” to your account before it is deleted (using up bandwidth – which is counted towards your quota – and CPU usage).

  3. I am a cPanel user. I hear what you are saying there, but I just didn’t want to give any indication that the email address was valid. Using :blackhole: won’t send a message back to the “sender” that the message was blocked. At least, that is what I got from reading the text about :fail:.
    If I am wrong about that assumption, please let me know. I’ll use it when and if I set it back.

  4. A good explanation of the benefits of :fail: can be found on http://www.configserver.com/free/fail.html – if anything, using “:blackhole:” may indicate that the email address is valid (even though it isn’t), but “:fail:” will let the spammer know that that email address definetly does not exist (and so, in theory at least, should prompt them to remove that address from their lists).

  5. You might just be right about this. I have noticed a ton of messages coming in with addresses like lksfjlsfkj [at] metzener [dot] com. That’s unfortunate. Thunderbird is catching most of them and putting them in the spam folder, but I don’t know if I’ll be able to keep the catchall coming in.
    Is there a way to forward individual email addresses to a :fail: type address? I have been forwarding them to null@null.net, but I suspect that isn’t really a good way of forwarding email addresses I don’t want to bother with anymore to.