Catchall Email Addresses

By Deane Barker on August 17, 2004

Is there a point to “catchall” email addresses anymore? You know, those addresses where misaddessed email to your domain gets routed? Let me explain —

I was having some email trouble this morning. POP3 response from the server was sporadic, and when I got a command line on the box, things were very slow. I poked around a bit and found the problem.

I had not been checking and clearing the catchall account. It had been accumulating mail for about three weeks. It contained — are you sitting down? — 582,384 emails. Yep, just over half a million. I had to delete the entire account and bounce the Qmail process to get things running smoothly again. (The mere fact that it was running at all is a credit to RedHat 7.2 — a 1.1 GHz Athlon only goes so far…)

If 90% of email is spam (as it is in our office), then 99.9999999% of the email in a catchall account is going to be spam because 99% of inbound spam has an invalid address. This was proven to me when I created a script to empty the account once per hour. Here was the log file 15 minutes after I recreated the account:

8/17/2004 12:12:54 PM: Start Processing
8/17/2004 12:13:37 PM: 276 message(s) found
8/17/2004 12:13:37 PM: Deleting…
8/17/2004 12:13:38 PM: 0 message(s) found
8/17/2004 12:13:38 PM: End Processing

Almost 300 messages in 15 minutes. One hour later:

8/17/2004 1:11:00 PM: Start Processing
8/17/2004 1:13:29 PM: 1030 message(s) found
8/17/2004 1:13:29 PM: Deleting…
8/17/2004 1:13:30 PM: 0 message(s) found
8/17/2004 1:13:30 PM: End Processing

That’s right — a thousand messages an hour are coming in misaddressed. That’s one every four seconds.

Now, of those thousand, how many are legitimately misaddressed emails? I’d say a fraction — I think we probably get one legitimate misaddressed email every couple days, so one of every 75,000 or so messages is misaddressed. I don’t care how good your spam filter is, you just can’t process that much volume with any reasonably quality.

Why not just bounce them all, you say? Because we get bounces from our bounces. Some people have their mail servers configured to bounce Message Failure messages. So a spam comes in, can’t find a mailbox, and bounces to the Reply-To on the message…which is — not surprisingly — fake, so about 10% of the time the message bounces back to the server administrator email account on our box. So, once again we have a bunch of bad emails accumulating somewhere.

I’d like to bounce them so that a legitimate sender at least knows that they misaddressed the email, however, I’d have to be able to change the Reply-To on the bounce so that the bounced bounces go somewhere we don’t care about. Sadly, the server management software we’re working with doesn’t allow that.

I’ve abandoned the idea of a catchall account. There’s just no way we can manage it effectively. Too bad.

I hate spammers.

Gadgetopia

Comments

  1. I use spam@mydomain as a catch-all. Everything goes there, except for the few legitimate emails I get from friends, family, and services who know to use my “real” email address (which is semi-protected with SpamAssassin).

    Everything to spam@ (i.e. admin@, webmaster@, viagra-seeker@) gets bounced and doesn’t accumulate on my end, and I could care less what happens after that.

  2. Check this out:

    8/18/2004 9:28:08 AM: Start Processing 8/18/2004 9:43:17 AM: 6318 message(s) found 8/18/2004 9:43:17 AM: Deleting… 8/18/2004 9:43:29 AM: 45 message(s) found 8/18/2004 9:43:29 AM: End Processing

    It found over 6,000 messages overnight, and in the time between when it started deleting them and when it finished, 45 more messages came in.

    I can’t win.

  3. I (typically) don’t confirm my emails to people who use SpamAssassin, becuase SpamAssassin has been known to spam the innocents who confirm their messages. Just can’t win!

    Although now think I’m lucky to only receive hundreds and not thousands in the catchall each day… wow.

  4. “Why not just bounce them all, you say? Because we get bounces from our bounces. Some people have their mail servers configured to bounce Message Failure messages. So a spam comes in, can?t find a mailbox, and bounces to the Reply-To on the message?which is ? not surprisingly ? fake”

    when you reject email {at smtp time} its the upstream sender who sends the bounce to the address and bounces it from envelope sender of <> thus no bounces can bounce back {ie bounce wouldn’t be from your domain anyway}

    anything else just aint rfc compliant behaviour

    if you accept mail then reject later {constructing your own bounces} definitly change the e-mail software as this is a waste of your servers time it should reject at smtp time before the message is sent to you {ie just after they say who it’s to, it should be failed if the to: address isn’t on the system}. if your bounces are sent from anything other than <> also consider a change of software

  5. as to wheither catchalls have a point i find they do i have subdomains that exist purely for this purpouse thus if i have to fill out a form on a website {to order plane tickets, concert tickets whatever i use the address

    http://www.sitename.com@subdomain

    thus i get all mail to *@subdomain and the day they sell my e-mail i know who is responsible because i know i only ever used it on http://www.sitename.com

    also i then set http://www.sitename.com@subdomain to :fail: all others to work afterward

    currently blocking 20 address in subdomain after 6 years of use so far {most not sold by sites but published in newsgroups or forums that didn’t hide members details}

Comments are closed. If you have something you really want to say, email editors@gadgetopia.com and we‘ll get it added for you.