Catch All Email

The catch all email was a great thing back in the day it was neat you could retrieve mail for [email protected] [email protected] ect. ect. all through one simple email address.  A lot of users used it without issue and it solved having to check various emails they could just tell users to email random addresses and it would arrive at it’s spot.  Fast forward to now and the large amounts of mail received by pretty much any domain on the internet and this once cool feature is now a major headache for us as well as any other hosting provider.

With the rise of spam and users no longer displaying their emails on sites the spam bots have become much smarter.  It’s no longer use email addresses found on web sites and only use them.  The spam bots now send mail to [email protected], [email protected], [email protected] ect. ect.  As a result of this a simple spam email could become a mail bomb of thousands of emails hitting a single email account thus putting extreme strain on the server as well as quickly filling a users mail box.  So a lot of users stopped using this feature in favor of forwarders for the specific email accounts so it’s been less of a problem.  Of course some users still use this feature until they get hit by mail bomb and they end up switching out as it’s impossible to manage their own mail anymore.

Even with this no longer being a preferred feature of users we still run into problems with people having the default/catch all set to their accounts username.  We by default have this set to fail rather than catch the mail unfortunately by cPanel last I checked the default was catch-all.  The majority of web hosts do not do a great job with managing their servers so they have it set to catch all.  When we have to restore a users account from another server we inherit the ugly catch all that was setup.  So we get to deal with the spam and mail the user receives to any possible email address to their domain.

Now you might be saying well doesn’t spam help prevent all this mail?  It does but it cannot stop it all and it also slows down a server.  The mail portion on a server is one of the most intensive portions due to just the volume of mail coming in every day.  This is why a lot of providers have suggested to their users use services like google apps or have outside mail servers.  They are attempting to off load one of the most expensive things on their servers which is mail.  Now add in the fact the mail includes spam from every possible email address for a domain and it becomes much more of a problem.  So us using spam blocking techniques do not solve the issues they just help the user while we still need to process the mail going through our spam checker system then if the spam count is high enough getting thrown away.  Also spam blocking systems do not come near effective at blocking everything without blocking a lot of legitimate mail in the process.

All the CPU usage from the mail does not factor in the pure amount of mail you will receive when you have a default mail address set to say the username of your account.  We’ve had users move from another host and it’s enabled and they do not check the default email address.  A few years later and they’ve hit their quota as their default mail address is 2GB of mail or more.  So it can fill a users quota up pretty easily if left unchecked for a long time which is usually the case since the user is not aware it’s even enabled.

So the only solution here is to say no to the catch all email feature.  If you’ve never checked it out in cPanel I suggest visiting the “Default Address” feature in cPanel and making sure it is set to “Discard with error to sender (at SMTP time)".  A lot of hosts do not have this set so if you came from another host it’s probably not set to fail on a non existent email address.