latest update

Catch All Accounts Policy for Linux & Windows 2003 Mail Servers

Dear Customer,

With effect from October 26, 2006, TechnoDG will no longer be supporting "catch all" or "default" mail accounts on our shared, reseller Linux and Windows 2003 hosting platforms. Recently, since last couple of months our mail server has been suffering from performance issues directly attributed to catch-all mail accounts being attacked by spammers.

The biggest impact they have on our servers is when a domain with a catch-all mail accounts configured is hit by a dictionary spam attack. This style of spam attack randomly tries to send email messages to thousands of unique email addresses to a particular domain. When the catch-all account is configured, it causes the mail server to accept all of this spam and valuable processing time and resources are wasted dealing with the massive flood of messages. In some cases, the attack is so severe that it causes the mail server to become completely unresponsive.

A secondary impact of these dictionary attacks occurs after the catch-all account is deleted. Because the spammers have successfully delivered email to thousands of unique accounts, they now continue to send email to these email addresses on a daily basis. Even once the catch-all has been disabled for a domain, these repeated attempts to deliver mail to non-existent addresses can sometimes be so severe that the net effect is a denial of service attack on our mail server's SMTP service.

Instead of using a catch-all mail account, we suggest that you configure mail forwarders for individual email addresses that you actually want to accept incoming email for, and then direct those forwarders to a single POP3 account. For example, if you want to accept email for info@yourdomain.com, sales@yourdomain.com, and support@yourdomain.com, but want all of that email to be directed to owner@yourdomain.com, you would setup a POP3 account for owner@yourdomain.com, and setup the other email addresses as forwarders.

Please note, that if you already have a catch-all account configured, we encourage you to disable it else we would be doing it from our side. We are sorry for an inconvenience this change may cause you, but taking this step is necessary in order to provide a reliable mailing infrastructure to you.

If you have any questions or concerns regarding this policy change, please mail us at info@technodg.com.


Posted on: Wednesday, 25th October 2006 4:10 AM