Most web hosting companies offer catch-all email addresses for all their customers and at first it may seem like a fantastic service. With catch-all you don’t have to setup forwarders for each and every email address you need since all email sent to your domain will be forwarded to the same account.

That means that you can have all of the following addresses pointing to the same account without having to set them up individually

• support@sampleaddress.com
• webmaster@sampleaddress.com
• customerservice@sampleaddress.com
• admin@sampleaddress.com
• info@sampleaddress.com
• whateveryoufeellike@sampleaddress.com

Catch-all may seem like a fantastic service, but it’s in fact a big security issue due to spammers all over the world. Since you don’t have to setup each email address individually anything@sampleaddress.com will work on your domain. This can easily be abused by spammers since they can spam whatevertyefeellike@sampeladdress.com and you still get the spam email. In other words, they don’t have to figure out your email address since anything will work!!!!!

I forgot to turn off catch all on my domain xavierinc.com and I noticed today that the account was using amazing 10 Gb of space on the server. Since I only have a simple index file plus a few pictures (nothing more then 100Kb in total) in that account I was really surprised. Due to the catch all on that domain spammers had spammed anything they could figure out including email addresses starting with random letters and numbers like

• 1xexasiufyn3@xvaierinc.com
• 6q6lcyfgrlql@xvaierinc.com
• 4bkqbl73xbuz@xvaierinc.com
• qvsrjje7kdlp@xvaierinc.com
• em8l1lw3d8wp@xvaierinc.com

It took me over an hour to delete all that spam since it was way too much to delete even with rm -rf * so I had to delete about thousand spam emails at the time manually

So make sure you turn catch-all email addresses off on your hosting accounts before you run out of disk space and only setup the email addresses you need. Also stop using common worlds like webmaster@, support@, custoemrservice@ and info@ as email addresses since spammers tend to spam these commonly used addresses alot .

Rate this:

2.5

You may also be interested in...
News from eXavier.com - Upgraded hosting plans
Help us fight spam!
More space for your email
Getting paid to blog
Link baiting tips
Send registered email from XavierMail.com

This entry was posted on Saturday, July 19th, 2008 at 2:05 pm and is filed under Domain Names, HTML & The Web, Security, Web hosting. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.