> Every 5 seconds a spammer sends something to a bunch of random letters @ your domain
In my experience, this is an exaggeration of the truth. I've been using catch-all addresses for something like 15 years. And yes, there are times when I'll get dozens of spam over the course of a day sent to random letters. But that's a pretty rare occurrence.
I default to allowing any <string>@<mydomain.tld>, and then use aliases to block offenders. My <string> is often a domain name where I'm using the email address, which means I know who either willingly spams me, sells my email address, or otherwise allows my email address to be leaked. At any rate, I'll throw addresses used for spam onto a disabled account as an alias, resulting in bounces.
The biggest advantage here over aliases is that I've used hundreds of aliases, but didn't have to manually track and add each and every one to my email address. Since most of the time, my email is not used for spam, I only have to manually add the bad ones.
It varies. It likely is an exaggeration for you, but for someone else it isn’t. It only needs to target a few domains to act as a DDoS. Rejecting invalid recipients reduces spam scanning overhead. It’s very significant at scale, for someone managing enough domains to see it.
The problem seems to be that while many domains don’t see this behavior, it seems random which ones do. Having the catchall in place when someone finally does target your domain like this seals the deal: Every one of the 16,000 recipient addresses that were accepted were just added to a list of working email addresses to be sold to spammers for the next 15 years. One hour to ruin your domain, and maybe it never happens to you, or maybe it happens to you tomorrow.
I’ve seen it go down like this at least a few hundred times in the last decade. Safe to say I’ve managed email for a few domains during that time. Enough to say it doesn’t happen to most people, but the ones it happens to usually end up having to disable their catchall or buy a new domain.
As an admin of shared mail servers you often have to base protections and actions on the worst of events, as those are the ones that threaten your infrastructure.
Haha, it's not an exaggeration. It's logs. You don't receive it because the system is constantly filtering it. I do not deem it to be worth the potential spam and many other email systems agree on that.
You are not familiar with my system or my logs, so your claim about the filtering is invalid. If some "system" outside of the receiving mail server filters it, then it's irrelevant to whether or not you offer the service.
Not sure what you mean. This isn't about your system or your logs. If you use Mango Mail, we aren't talking about any other system. I am telling you the attempted spam I see hitting MY servers.
- Business: Legit customers sometimes guess e-mails like support@, abuse@, sales@, jobs@, careers@, info@, and other language variants of these words, you may not want to set up mailboxes for all of these.
- Personal: Plus addressing doesn't work with many services but you sometimes want a single-use e-mail address to purchase something from a website and still have the receipt.
I generate one-time only email aliases to virtually every service I use. Some sort of a poor-man's hide my email from iCloud. If that email is compromised, or I start receiving spam for it, I know where it came from. This has become a vital part of my workflow, and not having it is a show stopper to me, unfortunately.
However, we do have all of the following:
- subdomain addressing
- plus addressing
- aliases
Can you tell me what your use case for catch-all is? I'm open to rethinking it.