For those not familiar with the ins and outs of email hosting, a Catch-All email address is an address that receives all inbound email that is not sent to an existing mailbox.
Let’s say that you own acmewidgets.com, and there are 4 mailboxes in that domain: email@example.com, firstname.lastname@example.org, email@example.com, and firstname.lastname@example.org. Email sent to any of those email addresses will undoubtedly make it to the intended recipients.
If you have a catch-all address, that mailbox will receive all the mail sent to other addresses at acmewidgets.com: if someone mis-spells your email address and instead of email@example.com sends a message to firstname.lastname@example.org, the email will still be delivered somewhere (your email server can be configured to forward all email to one of the mailboxes that actually exist), and it wouldn’t be missed.
Another good reason to use catch-all addresses is for services you subscribe to. Not giving out your true email address to companies and web sites that require it, keeps your true address private – if you wanted to subscribe to the New York Times, for example, you’d use email@example.com. If a year later you decide that you’re no longer interested, and they keep sending you email, all you have to do is set up a filter to automatically delete all emails sent to that address. Also, if this address starts receiving actual spam or emails that do not come from the New York Times, you’ll know that they either sold your address or suffered a breach.
A client had been doing this with their own email for nearly 20 years and it was working great. “Had” and “was;” you read that correctly.
Last week, their domain got flooded with spam at an unprecedented rate and it became so bad that gmail refused to accept more email. This particular client uses gmail for their email (each mailbox – and the catch-all address – is set up to forward all incoming emails to a gmail account).
The good thing about gmail is that it’s free and their spam filtering is really excellent. The bad thing about gmail is dealing with google – there isn’t a single human to email, let alone call, when you’re not a paying customer. It took some digging to find out what the problem was, as there was no message informing our client of the problem, let alone a warning when their limits were about to be reached. The only indication that something was amiss was that there were no new emails one morning (not even spam), and the only clue was in the mail server, where thousands of emails were piling up, all with the same warning – something along the lines of “this gmail user’s getting emails at a rate that exceeds our limits.”
After a bit of additional research, I discovered that there are, indeed, limits, that email is not accepted by gmail once they’re reached, and that normal service was restored “usually” in 24 hours.
Since the mail server where the emails were accumulating already had a bit over 6,000 in the queue, once gmail would resume accepting mail, the limit would be reached again within minutes and we’d be back at square one.
The only way to make sure that this wouldn’t happen was to go through all 6,000 emails, one by one, and manually delete the spam. After a few hours of nit-picking, the queue was reduced to maybe 40 legitimate emails, and another gmail account was set up temporarily to receive new incoming messages until the original gmail account went back to normal (took about 3 days, and not the 24 hours promised on google’s support site).
The client still wanted to be able to use ad-hoc email addresses, so we found a work-around that would allow him to do so without overwhelming his gmail account. I’ll write about this next time.