The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

How do I turn off my catch all email account?

Discussion in 'E-mail Discussions' started by PWSowner, Apr 16, 2004.

  1. PWSowner

    PWSowner Well-Known Member

    Joined:
    Nov 10, 2001
    Messages:
    2,948
    Likes Received:
    3
    Trophy Points:
    38
    Location:
    ON, Canada
    With most new accounts, you have a default email account that is called a catchall account. Any email sent to anything@yourdomain.com will go to it if there is not a seperate account for it. Some people like it this way, but many people don't. Over time, you will find yourself getting a lot of spam to all kinds of email addresses.

    If you would rather have only specified email accounts and not have everything go to a default email, you need to create a POP account or a forwarder for whatever you want your email address to be, then set your default email to blackhole.

    To turn off the default email, go to your cpanel link for "Default Address" which may be on your cpanel front page, or may be in a mail page. On that page you will see "Change Default Address" and "Send all unrouted mail for [domain.com] to _____________. In the box, just put :blackhole: with the : before and after it.

    This will make anything going to non-existant email addresses just disappear.

    Just don't forget to either create a POP account or a forwarder if you want to use an email address at your domain.
     
  2. Roy@ENHOST

    Roy@ENHOST Well-Known Member

    Joined:
    Mar 5, 2002
    Messages:
    495
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Los Angeles California
    Thanks for that one Mike, never knew about that.

    How dya figure it out?
     
  3. PWSowner

    PWSowner Well-Known Member

    Joined:
    Nov 10, 2001
    Messages:
    2,948
    Likes Received:
    3
    Trophy Points:
    38
    Location:
    ON, Canada
    Experience ;)

    and reading it somewhere one time. :D
     
  4. rs-freddo

    rs-freddo Well-Known Member

    Joined:
    May 13, 2003
    Messages:
    832
    Likes Received:
    1
    Trophy Points:
    18
    Location:
    Australia
    cPanel Access Level:
    Root Administrator
    IMHO you should really use :fail: not :blackhole: - if someone misspells your email address then they will believe you received their email and didn't answer it.

    Better yet, place Active Spam Killer on your catchall and continue to use it. I find catchall extremely useful as I use a number of different email addresses (support@, info@, accounts@, sales@, michael@) and only need to download from one box. My clients often misspell my email address too (some can't even get the domain right:rolleyes:).

    You can also turn the catchall off right at the SMTP, so your server won't even except email not addressed to a non-catchall account. Of course that leaves you open to dictionary attacks (to find the email name), which uses CPU. Not in my opinion a good solution. I believe there is a tutorial by Aussie at EV1, if you wish to go this path.
     
  5. Joshfrom

    Joshfrom Well-Known Member

    Joined:
    Jun 3, 2003
    Messages:
    157
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    White Haven, PA, US
    On my personal domain I do the same thing squirrel does (change the default to :blackhole:) Unless someone is mailing my account directly they're spam. You can take it even a step further though. Those stupid spoof emails which invariably come back as rejects will go to your username mailbox even if you have a default set so I add a forwarder for the username account and forward that to :blackhole: as well.

    I personally prefer :blackhole: over fail because it just deletes the email instead of trying to send it back to what's usually a bad email address.
     
  6. Juanra

    Juanra Well-Known Member

    Joined:
    Sep 22, 2001
    Messages:
    777
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Spain
    OTOH if the mail server is configured to verify the recipient :fail: is better than :blackhole: because the message is rejected in SMTP time, even before the message body is sent, which also helps save bandwidth and server load.
     
  7. dgbaker

    dgbaker Well-Known Member
    PartnerNOC

    Joined:
    Sep 20, 2002
    Messages:
    2,578
    Likes Received:
    3
    Trophy Points:
    38
    Location:
    Toronto, Ontario Canada
    cPanel Access Level:
    DataCenter Provider
    Juanra, can you elaborate on this? What changes to exim need to be done for this?
     
  8. Juanra

    Juanra Well-Known Member

    Joined:
    Sep 22, 2001
    Messages:
    777
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Spain
    Instead of simply:

    accept domains = +local_domains

    use:

    accept domains = +local_domains
    endpass
    message = Invalid recipient account
    verify = recipient

    You can add this safely from WHM's exim.conf editor.
     
  9. dgbaker

    dgbaker Well-Known Member
    PartnerNOC

    Joined:
    Sep 20, 2002
    Messages:
    2,578
    Likes Received:
    3
    Trophy Points:
    38
    Location:
    Toronto, Ontario Canada
    cPanel Access Level:
    DataCenter Provider
    Thanks as always Juanra!
     
  10. rs-freddo

    rs-freddo Well-Known Member

    Joined:
    May 13, 2003
    Messages:
    832
    Likes Received:
    1
    Trophy Points:
    18
    Location:
    Australia
    cPanel Access Level:
    Root Administrator
    This will lead to spammers doing dictionary attacks in order to find the active email address. If you're going to do this, you should also implement Aussie's anti-dictionary attack tutorial at EV1 forum.

    PS. Interestingly enough hotmail rejects incorrectly addressed mail at SMTP time and Yahoo accepts all mail and then rejects later. I have heard that hotmail has dictionary attack problems whereas yahoo doesn't...
     
    #10 rs-freddo, Apr 23, 2004
    Last edited: Apr 23, 2004
  11. Juanra

    Juanra Well-Known Member

    Joined:
    Sep 22, 2001
    Messages:
    777
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Spain
    I've seen it but it relies on $rcpt_fail_count which is trivial for spammers to workaround.
     
  12. rs-freddo

    rs-freddo Well-Known Member

    Joined:
    May 13, 2003
    Messages:
    832
    Likes Received:
    1
    Trophy Points:
    18
    Location:
    Australia
    cPanel Access Level:
    Root Administrator
    Jaunra does your code allow some people to use catch-alls and it works fine. But some people to disable catch-all with :fail: and have mail rejected at SMTP?

    Or does your code turn the catch-all into a simple pop box?
     
  13. Juanra

    Juanra Well-Known Member

    Joined:
    Sep 22, 2001
    Messages:
    777
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Spain
    Not sure if I understand what you mean. Each user can set an existing account as their catch-all account (either local or remote), or they can set it to :fail: to reject all mail addressed to non existing accounts.

    Same thing goes for forwarders. If you forward an account to :fail:, then it will be rejected by the mail server in SMTP time.
     
  14. rs-freddo

    rs-freddo Well-Known Member

    Joined:
    May 13, 2003
    Messages:
    832
    Likes Received:
    1
    Trophy Points:
    18
    Location:
    Australia
    cPanel Access Level:
    Root Administrator
    Thanks for the reply - what i wanted to know was whether some accounts could :fail: their catchall (and have mail stopped at SMTP) and other accounts continue to use their catch-alls as normal?

    But I think you answered yes, that your code only affects :fail: accounts...
     
  15. rs-freddo

    rs-freddo Well-Known Member

    Joined:
    May 13, 2003
    Messages:
    832
    Likes Received:
    1
    Trophy Points:
    18
    Location:
    Australia
    cPanel Access Level:
    Root Administrator
    OK, I added the code and it appears that only accounts using :fail: get bounced at SMTP. Normal catch-alls still work fine.

    Thanks for a very useful piece of code.

    Just out of interest, I wrote a piece of PHP code to query SMTP for valid email addresses.
    Basically it makes these calls:
    HELO $this_server
    MAIL FROM: <{$Email}>\r\n
    RCPT TO: <{$Email}>\r\n

    With Hotmail the RCPT TO call does NOT give back code 250
    (250 means valid recipient)
    Interestingly with your code and a :fail: on the email box
    SMTP STILL GIVEs BACK code 250 - even though an email sent will be bounced at SMTP.

    Just curious as to why this is so... if anyone can enlighten me...
     
  16. Juanra

    Juanra Well-Known Member

    Joined:
    Sep 22, 2001
    Messages:
    777
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Spain
    I get the following:

    # telnet localhost 25
    Trying 127.0.0.1...
    Connected to localhost (127.0.0.1).
    Escape character is '^]'.
    220-server.example.com ESMTP Exim 4.30 #1 Mon, 26 Apr 2004 10:07:43 +0200
    220-We do not authorize the use of this system to transport unsolicited,
    220 and/or bulk e-mail.
    HELO .
    250 server.example.com Hello . [127.0.0.1]
    MAIL FROM: <juanra@example.net>
    250 OK
    RCPT TO: <rewrwer@example.com>
    550 Invalid recipient account
     
  17. rs-freddo

    rs-freddo Well-Known Member

    Joined:
    May 13, 2003
    Messages:
    832
    Likes Received:
    1
    Trophy Points:
    18
    Location:
    Australia
    cPanel Access Level:
    Root Administrator
    Hmmm

    I get

    Connection succeeded to domain.net.au SMTP.
    Run : HELO phpdomain.com.au
    Run: MAIL FROM: <me@domain.net.au>
    Answer: 220 and/or bulk e-mail.
    Run: RCPT TO: <me@domain.net.au>
    Answer: 250 server.com Hello phpdomain.com.au [xx.xxx.xxx.xx]
    Run : QUIT

    maybe I'm picking up answers to previous questions. Yes that looks like it, the
    250 server.com Hello phpdomain.com.au
    is the answer to the helo command
    I'm not even getting to the answer to the RCPT TO command - back to the drawing board:(

    Thanks
     
  18. projectandrew

    projectandrew Well-Known Member

    Joined:
    Aug 27, 2003
    Messages:
    185
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    United Kingdom
  19. lost

    lost Well-Known Member

    Joined:
    Aug 19, 2003
    Messages:
    73
    Likes Received:
    0
    Trophy Points:
    6
    wrong! 99 percent of mail that you set to :fail: is coming from non -existant assholes who forge email headers. So, what you get is the 'bunny' effect. The spammers mail fails at your end, bounces back to the person who doesn't exist, their account is set to :fail: your message and it comes right back to you.
    If you set your box to :blackhole: it's gone, the vicious spam cycle broken.
    Nevermind a handful of people who can never spell addresses correctly. Do you really need them? In my experience, these guys who can't spell really can't do anything else either so they are more trouble than it's worth.

    L
     
  20. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    That is no longer correct. :fail: fails at the RCPT stage of the SMTP protocol exchange, and so no bounce is sent, the remote SMTP server is simply informed of the failure. :fail: is better that :blackhole: because it maintains the integrity of the SMTP exchange.
     
Loading...

Share This Page