by narrator 2109 days ago
When I used to run my own MX on a home server, I would have bots connect and try to send mail to <random whatever>@mydomain. They never used the same email or IP and they did it for several years straight. I tried IP blocking, but the IPChains list got so long it started slowing down my server.
2 comments

I had a similar issue, attempts to brute my server every minute of every day. I aggregated stats on the IPs, basically every single one was Chinese. I blocked most of China's IP ranges and it's now as quiet as it was in 2005.
This is why folks use techniques like greylisting and why you should almost never use a catch-all mailbox.

Spamhaus usually stops a big chunk of them too.

Hard disagree on catch all. A catch all allows you to trace who gave your address to spammers, and then to bin all email to that address.
You don't need a catch all for that, just give unique email addresses to each, and edit /etc/aliases.

NOTE: a few bits of info here, although someone mentioning ipchains means their comment is from an older time of course:

- use ipset for large sets of blocked IP addresses. That's what it's for, and it works well without slowdown, even on massive sets

- http://www.ipdeny.com/ipblocks/data/aggregated

This is a nice list of IP addresses broken down by region. Handy to download weekly, or monthly, and then dump into ipset.

- firehol is also a nice list to use, eg:

https://raw.githubusercontent.com/ktsaou/blocklist-ipsets/ma...
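
The "download a list, then dump it into ipset" step from the comment above, as an added example that is not part of the thread: it turns a list of IPv4 CIDRs into an `ipset restore` script that fills a temporary set and swaps it in, skipping malformed lines and any /0 entry. The set name `blocklist` and the input file `zone.txt` are assumptions, and the sample input is constructed.

```shell
#!/bin/sh
# Added example, not from the thread. The set name "blocklist" and the file
# name zone.txt are assumptions; SAMPLE_ZONE is constructed test input.
SAMPLE_ZONE='# constructed sample (documentation ranges)
192.0.2.0/24
198.51.100.0/24
192.0.2.0/24
203.0.113.7
0.0.0.0/0
not-an-address'

# Read IPv4 addresses/CIDRs on stdin, write an `ipset restore` script on
# stdout. Entries go into a temporary set that is swapped in at the end, so
# the live set is never empty or half-loaded while the list is refreshed.
gen_restore() {
    set_name=$1
    tmp_name="${set_name}-tmp"
    printf 'create %s hash:net family inet\n' "$set_name"
    printf 'create %s hash:net family inet\n' "$tmp_name"
    printf 'flush %s\n' "$tmp_name"
    awk -v tmp="$tmp_name" '
        function valid(c,   p, o, n, i) {
            n = split(c, p, "/")
            if (n > 2) return 0
            # Prefix must be 1..32; a /0 line would match every source address.
            if (n == 2 && (p[2] !~ /^[0-9]+$/ || p[2] + 0 < 1 || p[2] + 0 > 32)) return 0
            if (split(p[1], o, /[.]/) != 4) return 0
            for (i = 1; i <= 4; i++)
                if (o[i] !~ /^[0-9]+$/ || o[i] + 0 > 255) return 0
            return 1
        }
        { sub(/#.*/, ""); gsub(/[ \t\r]/, "") }   # strip comments, whitespace
        $0 == "" { next }
        !valid($0) { bad++; next }
        !seen[$0]++ { print "add " tmp " " $0 }     # drop duplicates
        END { if (bad) print bad " invalid line(s) skipped" > "/dev/stderr" }
    '
    printf 'swap %s %s\n' "$tmp_name" "$set_name"
    printf 'destroy %s\n' "$tmp_name"
}

# Usage (as root; -exist makes re-running on an existing set harmless):
#   gen_restore blocklist < zone.txt | ipset -exist restore
#   iptables -I INPUT -m set --match-set blocklist src -j DROP
```

Because the firewall rule refers to the set by name, refreshing the list weekly or monthly only needs the first usage line to be re-run.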

Except then spammers who send to [huge list of words]@your-domain.com all go to your inbox. It's much safer to use a regex pattern or generate forwarding emails ad hoc.

Please contact me at f7m4 {at} proxyto.me if you have any interest in beta-testing an app that does this exact thing.

Yep, I've been doing this for nearly a decade. This in combination with Gmail's spam filter works just fine. I have caught quite a few emails to my parents from people who can't spell their (simple) email address.