East of the Sun, West of the Moon

2006/6/20

Catch you later

Filed under: Software — Erwin @ 10:38 pm

While convenient, using a catch-all setup for your email is a bit like playing with fire, these days.

Exhibit #1: My webspace provider DreamHost recently gave up on allowing its customers to create catch-all forwards on (sub)domains (with only one exception) because:

What happens is, people set up an email address @theirdomain hosted with us, and set it to forward to say, their aol email address. Then, they get spam @theirdomain. It forwards to aol. Aol sees it “originating” from us (when we’re just forwarding it on), and block us as spammers.

This is especially a problem because of this annoying habit of spammers to use made-up addresses. If it wasn’t a catch-all setup, DreamHost’s server would be able to stop most of that spam from ever getting to AOL because it would involve non-existing addresses and it would know this.

Exhibit #2: At work we have been using a DS200 device that (usually) takes care of 80% of the spam by applying several block-lists and a few other things, scoring it all and deciding based on that whether to pass it on to the actual mail-server. All fine and dandy except that starting Sunday the roles were changed unexpectedly and we started to see more accepted connections than denied ones, actually overloading the device and causing regular email to arrive… untimely!

The fix, it would appear, was to work out a solution for a few domains where a catch-all setup was in use and where a flood of messages/bounces was arriving on addresses that had never been used before and never would be.

Of course, any day now some spammer could decide to do something like that to one of my own domains… *crosses fingers*

Powered by WordPress