Other than having your default address set to fail, you can't do much. Between my many different POP accounts I've gotten around 100 of them today. I've even gotten a couple of bounce messages from ones I supposedly sent.
Some idiot out there is having fun seeing how many people will launch his attachments. They contain [email protected]
Well, ClamAV works fine for me as a freely available scanner. Others like fprot and nod32. TBH, I find that the additional file type and file name filters in MailScanner block nearly everything anyway regardless of virus scanning.
I have several email addresses I use that are set as forwarders to one POP account and the default is set to fail, but somehow I'm getting these emails to all different variations. The most recent one is [email protected] but I can't even send email to that. I view the raw file and there are no other addresses in the headers. How can they send emails to something that should fail and get it to me? Chirpy???
Even I'm having the same problem, lotsa domains on which default account is set to fail are still receving mails on addresses like [email protected] while these kinda email doesn't exist at all.
There's a subtle difference in the way emails are routed by the SMTP protocol that you do have to be careful about. Exim does its account checking on the email address using the SMTP protocol exchange at the beginning of delivery using the results from the "RCPT TO: [email protected]" command. That email address does not have to be the same as what appears in the email header for the To: (or other recipient) fields. I would suspect that that's where the confusion/problem is.