I Hate Backscatter With a Passion
Aug 16th, 2007 by Alex
I the course of four hours I got hammered with backscatter from someone’s spam run. It looks like the batch included a lot of the recent PDF spam that is circulating. The mail server handled it pretty well, but I still had to clean out the 1,600 bounce emails this afternoon. If I weren’t insistent about handling the catch-all myself, it would have been a lot less.
The server handles a decent amount of mail normally… but this is a bit more than normal. If the graph is fuzzy, click for the full-size.
I like being able to give out vanity email addresses on the fly and know they’ll be valid. Like if I want to sign up for email at Best Buy or Circuit City or somewhere that I don’t want to provide my actual email address. Stupid stuff like this makes me reconsider.
![[del.icio.us]](http://www.moundalexis.com/images/delicious.png){kind=small}
The catchall needs to be ditched. As long as you use the standard array of standard email addresses which work (postmaster, abuse, mailer-daemon) and your administrative contact on your whois record actually resolves to a real email address, you’ve done a good enough job. Beyond that, accounts like sales, info, accounts, etc, all are big defacto spam-holes for every domain, so pitching them if you don’t actually use them should work.
I do the same thing with “vanity” email addresses. Sometimes I fill out the little form and make a mental note to make a new .qmail file to support the new email address. I think I have 30 or 40 .qmail files, all for different services I use, so I can just route unwanted email right into /dev/null if the address gets sold.
[...] Once in a while is fine but when a spammer goes and spoofs my domain name and sends out hundreds of thousands of spam messages, thousands of those are destined to fail and be returned to me. Rather than deal with the large scale backskatter again, I decided to kill my catch-all. I will miss it, but it took too damned long to sort through all of that mail. I’m pretty sure I deleted a handful of valid emails in the process. [...]