Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Note that you should only do this for maybe 6-18 characters, some sites will test send an email to [30-100 character random string]@example.com and see if it bounces - if it doesn't, it'll suspect that domain to be some spammer with a catch-all email inbox and block it.


That's a terrible approach, plenty of valid, legitimate non-spamming domains use catchalls of arbitrary length for all sorts of reasons.

Additionally, sending a test email like that might also get the sender placed on a black list for triggering a spam trap inadvertently.


That's a worrying strategy because there are many reasons for using a catchall. Example: one email per site to track companies selling personal data, then maybe bounce that single email address.

Do you know any site blocking domains with a catchall?


Yeah, if you have a domain of your own the sensible thing is a catchall, use a different address everywhere and block the ones that spam.


Do you know what sites do that? I have my own domain and I haven't seen anybody do that. The obvious solution is to configure your mail server to only accept usernames before the '@' that adhere to some rule which only you know. Like checking if it is a palindrome or something obscure like this.


I watch multiple corp's mail logs extensively, this is not even remotely a common thing.

Worse, I know at least 5 or 6 people personally, which do catch all. It seems like a very poor method to reliably catch spammers.


Max local part size is 64 octets. So 100 chars would be out of spec.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: