Is there a point to “catchall” email addresses anymore? You know, those addresses where misaddessed email to your domain gets routed? Let me explain —
I was having some email trouble this morning. POP3 response from the server was sporadic, and when I got a command line on the box, things were very slow. I poked around a bit and found the problem.
I had not been checking and clearing the catchall account. It had been accumulating mail for about three weeks. It contained — are you sitting down? — 582,384 emails. Yep, just over half a million. I had to delete the entire account and bounce the Qmail process to get things running smoothly again. (The mere fact that it was running at all is a credit to RedHat 7.2 — a 1.1 GHz Athlon only goes so far…)
If 90% of email is spam (as it is in our office), then 99.9999999% of the email in a catchall account is going to be spam because 99% of inbound spam has an invalid address. This was proven to me when I created a script to empty the account once per hour. Here was the log file 15 minutes after I recreated the account:
8/17/2004 12:12:54 PM: Start Processing
8/17/2004 12:13:37 PM: 276 message(s) found
8/17/2004 12:13:37 PM: Deleting…
8/17/2004 12:13:38 PM: 0 message(s) found
8/17/2004 12:13:38 PM: End Processing
Almost 300 messages in 15 minutes. One hour later:
8/17/2004 1:11:00 PM: Start Processing
8/17/2004 1:13:29 PM: 1030 message(s) found
8/17/2004 1:13:29 PM: Deleting…
8/17/2004 1:13:30 PM: 0 message(s) found
8/17/2004 1:13:30 PM: End Processing
That’s right — a thousand messages an hour are coming in misaddressed. That’s one every four seconds.
Now, of those thousand, how many are legitimately misaddressed emails? I’d say a fraction — I think we probably get one legitimate misaddressed email every couple days, so one of every 75,000 or so messages is misaddressed. I don’t care how good your spam filter is, you just can’t process that much volume with any reasonably quality.
Why not just bounce them all, you say? Because we get bounces from our bounces. Some people have their mail servers configured to bounce Message Failure messages. So a spam comes in, can’t find a mailbox, and bounces to the Reply-To on the message…which is — not surprisingly — fake, so about 10% of the time the message bounces back to the server administrator email account on our box. So, once again we have a bunch of bad emails accumulating somewhere.
I’d like to bounce them so that a legitimate sender at least knows that they misaddressed the email, however, I’d have to be able to change the Reply-To on the bounce so that the bounced bounces go somewhere we don’t care about. Sadly, the server management software we’re working with doesn’t allow that.
I’ve abandoned the idea of a catchall account. There’s just no way we can manage it effectively. Too bad.
I hate spammers.