|
|
|
|
|
|
by neogodless
963 days ago
|
|
|
> Every 5 seconds a spammer sends something to a bunch of random letters @ your domain In my experience, this is an exaggeration of the truth. I've been using catch-all addresses for something like 15 years. And yes, there are times when I'll get dozens of spam over the course of a day sent to random letters. But that's a pretty rare occurrence. I default to allowing any <string>@<mydomain.tld>, and then uses aliases to block offenders. My <string> is often a domain name where I'm using the email address, which means I know who either willingly spams me, sells my email address, or otherwise allows my email address to be leaked. At any rate, I'll throw addresses used for spam onto a disabled account as an alias, resulting in bounces. The biggest advantage here over aliases is that I've used hundreds of aliases, but didn't have to manually track and add each and every one to my email address. Since most of the time, my email is not used for spam, I only have to manually add the bad ones. |
|
|
The problem seems to be that while many domains don’t see this behavior, it seems random which ones do. Having the catchall in place when someone finally does target your domain like this seals the deal: Every one of the 16,000 recipient addresses that were accepted were just added to a list of working email addresses to be sold to spammers for the next 15 years. One hour to ruin your domain, and maybe it never happens to you, or maybe it happens to you tomorrow.
I’ve seen it go down like this at least a few hundred times in the last decade. Safe to say I’ve managed email for a few domains during that time. Enough to say it doesn’t happen to most people, but the ones it happens to usually end up having to disable their catchall or buy a new domain.
As an admin of shared mail servers you often have to base protections and actions on the worst of events, as those are the ones that threaten your infrastructure.