Marc Perkel wrote: > What I've noticed is that domains with catchall accounts are > usually the ones that get abbused this way. MTAs the reject bad > email addresses at SMTP time are not what spammers like when it > comes to choices of domains to spam or spoof.
To clarify, from the senders' perspective, accepting and then /dev/nulling mail (rather than rejecting it at SMTP time with "no such user" or "rejected for spam" style messages) is the exact same thing as a catch-all. When I moved my company's setup to a reject-based system, our spam traffic all-but zeroed pretty quickly. 90% of the rest of it is caught quite nicely by greylisting (implemented a while after that move), and the remaining volume gets eaten by SpamAssassin.