deleting old email forwarders doesn't stop spam

JohnnyBob

Active Member
Oct 13, 2006
35
0
156
I keep a large number of email forwarders and have deleted some of the older ones a long time ago. However emails are still being sent to those old addresses by spammers. They are received and stored by my domain host, or discarded with an undeliverable notice to sender, depending on the cpanel setting. The cpanel setting is not too obvious. It is found at the bottom of the forwarder screen as a link where it says: If you wish to set your default address, or "catch-all," please click here to be taken to the Default Address page. The link is to the following cpanel screen:
Code:
Set Default Address

The default email address will "catch" any mail that is sent to an invalid email address for
your domain. To send all default mail to the main mail account, type the username of your
cPanel account into the "Forward to email address" field.

Default Address Maintenance
Send all unrouted email for:
Current Setting: :fail: No such person at this address

Discard with error to sender (at SMTP time)

    Failure Message (seen by sender): 

Forward to email address

    Forward to email address:

Advanced Options »
Normally I use the "Current Setting: :fail: No such person at this address" setting, so incoming mail to my domain for which there is no current forwarder is bounced back to sender with an undeliverable message. However that does not stop the spammers from sending to those old forwarder addresses, which is easy to determine by temporarily changing to setting to allow all messages to come through. In a 2 month period I received over 1,000 spam messages in that fashion sent to old outdated deleted email forwarders.

My question is: Is there any way to really totally kill those old forwarder addresses so that nobody can ever send email to them again? I suppose that might involve some kind of technical manipulations of the email forwarders, Mx entries or whatever they're called(?), which is beyond my understanding.

Thanks.
 
Last edited:

mtindor

Well-Known Member
Sep 14, 2004
1,378
69
178
inside a catfish
cPanel Access Level
Root Administrator
No, you can never stop someone from trying to send to an address. The best you can do is make the address nonexistent and disable any catchall. Seriously though, who cares if they attempt to send to a nonexistent address as long as it is rejected during SMTP time? Even if they were sending many messages a second to that nonexistent address, it wouldn't be an appreciable load on the server since it's rejecting during SMTP and not scanning any of those messages prior to rejection. And, if they were sending many messages a second to the nonexistent address and you had rate-limiting turned on, that's even better.

M
 

JohnnyBob

Active Member
Oct 13, 2006
35
0
156
No, you can never stop someone from trying to send to an address. The best you can do is make the address nonexistent and disable any catchall. Seriously though, who cares if they attempt to send to a nonexistent address as long as it is rejected during SMTP time? Even if they were sending many messages a second to that nonexistent address, it wouldn't be an appreciable load on the server since it's rejecting during SMTP and not scanning any of those messages prior to rejection. And, if they were sending many messages a second to the nonexistent address and you had rate-limiting turned on, that's even better.

M
Thanks for the info.

Obviously some spammers don't check to see what is undeliverable and remove those addresses from their lists. If there were some way to totally kill all those non-existent addresses, that would remove a burden on the email system (servers). Otherwise, I don't care.

You say "...if they were sending many messages a second to the nonexistent address and you had rate-limiting turned on, that's even better."

I am not familiar with "rate limiting". How would I turn it on, and are there any other consequences?

I do not like to activate spam shields in general because I lose too many legitimate emails that way. The forwarder method has worked very well for me over the years because all addresses are easily disposable and changable. If I use a unique email forwarder address for each person, then I know exactly where each spam leak originated. It is a bit tedious but I generally use that method. It's very rare that I receive a spam message now, no more than 1 per month on average.
 

mtindor

Well-Known Member
Sep 14, 2004
1,378
69
178
inside a catfish
cPanel Access Level
Root Administrator
If you aren't the server administrator [root], there isn't much you can do with regard to setting rate limiting or manipulating any other antispam measures. If you do have root [WHM] access then you can go into the Exim Configuration Editor and enable rate limiting and do a lot of other things to help alleviate spam. If you have root access, the use of reputable DNS blacklists and rejection of messages who are HELOing in ways they shouldn't [all adjustable via Exim Configuration Editor in WHM] as well as rate-limiting hosts really does a lot to nail a ton of the spam.

Of course, if you don't like to activate spam shields because you lose too many legitimate emails, then either you aren't in the US [which I realize is quite possible] or somebody doesn't have something configured right. Antispam measures on cPanel are better than any built into any other web hosting platform, and if tuned right can really do a nice job curbing spam. Of course, nothing can beat a standalone dedicated box (like a Barracuda) or external spam filtering (MessageLabs, Postini, etc.).

Your method of using forwarders can be effective. I never bother to do that, but if I were to create a new email account somewhere in the future I'd probably consider doing that.

M

Thanks for the info.

Obviously some spammers don't check to see what is undeliverable and remove those addresses from their lists. If there were some way to totally kill all those non-existent addresses, that would remove a burden on the email system (servers). Otherwise, I don't care.

You say "...if they were sending many messages a second to the nonexistent address and you had rate-limiting turned on, that's even better."

I am not familiar with "rate limiting". How would I turn it on, and are there any other consequences?

I do not like to activate spam shields in general because I lose too many legitimate emails that way. The forwarder method has worked very well for me over the years because all addresses are easily disposable and changable. If I use a unique email forwarder address for each person, then I know exactly where each spam leak originated. It is a bit tedious but I generally use that method. It's very rare that I receive a spam message now, no more than 1 per month on average.