I rarely use webmail to access my email. I have the addresses set up in a pop3 client. However, occasionally, I do use webmail. Today I found messages in the inbox that have been there for up to several months.

They were not addressed to the email addresses that I access with my pop3 client. Several were addressed: sales@dingeeadvertising.com (correct domain) but not a valid address.

Why were they not just bounced/rejected?

Greg

By default, no email to your domain name gets bounced - it is all sent to your username@domain.com account (username is your server login). You have to specify wether you want :fail (bounce back) or :blackhole (just dissappears) if you want non specified email accounts to do something different than goto your default account.

- Ed

Hi Greg,

That was a good response from Kata.

The "default" (or primary) email account that was assigned to you such as username@domain.com (where username is the same as your login) IS the primary email account that also acts as a catch-all for email coming to your domain. It works as a catch all until you set up individual specific email accounts for your domain, then those inidividual email accounts get their own email, then the catch all (default) gets all the "other" email coming to your domain.

Thus, you had never set up sales@domain.com or possibly others, and they went into the catch-all. Typically and commonly many spammers will use sales@ and webmaster@ and info@domain.com as spam email addresses. At one time many businesses used those on their websites for businesses so the spammers "think" that many people still use them.

For those people who do not use those "common" emails (sales etc) the catch-all will get those emails. What you can do, also if you want, is to set up Outlook with a profile for the "catch-all" so that you don't have to use Webmail for checking the catch-all (might be handy for checking for "valid" mistyped emails, such as if you used "george@" and they mistyped as "goerge@". Probably not too common for errors, but Outlook might be handy or more convenient.

As Kata mentioned, the alternatives are bounce or blackhole. In the case of bounce, for spam it may not get back to actual sender (most spam reply or from portions are forged) thus it would be needless traffic, and if bounced and "did" get back to true sender could "confirm" that at least the domain is valid (tho they would know the user@ was 550 invalid)... still rather needless traffic. Blackhole is the best for spam.

What I did was to use email filtering in Cpanel, set it up for sales@domain.com and webmaster@domain.com, to discard them. Just use the TO and contains sales@domain set for discard, etc.

Hope this also helps.

 

Right Kata,

.... that filtering (blocking) email sent to an "unused" email such as SALES@YOURDOMAIN.COM using the TO field "could" be missed if they put the "unused" email address into the BCC field....

The solution, then would be to use filtering of ALL HEADERS for containing the "probably spam -- unused" email address. Most definitely that would catch the unused email address and it would then be discarded (if so specified).

Our email filtering (blocking) with Cpanel has been quite effective. The one aspect that I really like is that I have blocked major spam sources, such as IP ranges. I had found that most came from certain countries and certain IP groups that were specific to those countries, thus I blocked those groups knowing that I would never receive any "legitimate" emails from those areas.

What I am really waiting for now is the ability to filter within the body/text for "Specific Web Links" most particularly those which use the Yahoo Redirector which is probably over 95% used for spam, but the only thing is that those web links in the message portion are contained within HTML and at present filtering can not occur within HTML coded messages. Some day hopefully filtering within HTML messages will be possible.

But back to the topic.... filtering though within ALL HEADERS would catch any spam coming to and UNUSEDEMAIL@MYDOMAIN.COM

Regards,
 :twisted: