Xavier What we have to say on Twitter
Xavier Xavier

Xavier Media®
line

  Subscribe by email Subscribe via email

  Feed link Subscribe via RSS
  What is RSS? What is RSS?

  MyXavier Follow @XavierMedia

  Twitter Follow @XavierMedia

  Facebook Our Facebook page

XavierMedia.com

Webmaster Tools

Keywords

.com Adobe Affiliate program articles Banner Exchange blog Clickbank Contests Domain names Easy PLR eBay/PayPal Education Entrecard exavier Facebook Finance Fun & Games Google Hosting HTML & The Web Malware Marketers Mistakes McAfee Microsoft Movies Nicole Dean password Passwords PayPal PHP & MySQL phpBB plugin Security SEO Site of the Month Spam TLD Top Level Domains Trojan TV Twitter UK Stuff Windows Wordpress Yahoo

RSS iPhone and iPad stuff – Most Useful Things
«
»

Why catch-all email is a bad idea

July 19th, 2008 by Andreas from Xavier Media® in Antivirus & Security, Domain names, Web Hosting. Topics: ,

Most web hosting companies offer catch-all email addresses for all their customers and at first it may seem like a fantastic service. With catch-all you don't have to setup forwarders for each and every email address you need since all email sent to your domain will be forwarded to the same account.

That means that you can have all of the following addresses pointing to the same account without having to set them up individually

  • support@sampleaddress.com
  • webmaster@sampleaddress.com
  • customerservice@sampleaddress.com
  • admin@sampleaddress.com
  • info@sampleaddress.com
  • whateveryoufeellike@sampleaddress.com

Catch-all may seem like a fantastic service, but it's in fact a big security issue due to spammers all over the world. Since you don't have to setup each email address individually anything@sampleaddress.com will work on your domain. This can easily be abused by spammers since they can spam whatevertyefeellike@sampeladdress.com and you still get the spam email. In other words, they don't have to figure out your email address since anything will work!!!!! :evil:

I forgot to turn off catch all on my domain xavierinc.com and I noticed today that the account was using amazing 10 Gb of space on the server. Since I only have a simple index file plus a few pictures (nothing more then 100Kb in total) in that account I was really surprised. Due to the catch all on that domain spammers had spammed anything they could figure out including email addresses starting with random letters and numbers like

  • 1xexasiufyn3@xvaierinc.com
  • 6q6lcyfgrlql@xvaierinc.com
  • 4bkqbl73xbuz@xvaierinc.com
  • qvsrjje7kdlp@xvaierinc.com
  • em8l1lw3d8wp@xvaierinc.com

It took me over an hour to delete all that spam since it was way too much to delete even with rm -rf * so I had to delete about thousand spam emails at the time manually :(

So make sure you turn catch-all email addresses off on your hosting accounts before you run out of disk space and only setup the email addresses you need. Also stop using common worlds like webmaster@, support@, custoemrservice@ and info@ as email addresses since spammers tend to spam these commonly used addresses alot :( .

About the author
Andreas co-founded Xavier Media® in 1996 and has since been involved in all kinds of development, marketing and making money online.

 

You may also be interested in...
"Steve Jobs funeral" – Dangerous search results
Entrecard Market sucks!
HSBC phishing from FreeWebSpace

Subscribe to new posts from this blog

2 Responses to “Why catch-all email is a bad idea”

  1. Import from China Says:
    July 20th, 2008 at 2:54 pm

    Nice post, you got some good points there – thank you.

  2. web site information Says:
    December 25th, 2008 at 9:46 pm

    Great blog. Just stumbled here late on Christmas day – but I'll definitely be back – - Happy new year to all

Leave a Reply

Powered by WP Status.net plugin.

RSS XavierMedia.org

RSS Easy PLR

 line
line line
line © Copyright 1996-2012 Xavier Media®. All rights reservered.
Contact us | Support/help | Privacy Policy | Company Info
The World According to Xavier | Domain Names