Catch-all Domains Explained

Imagine launching an online business and associating your email address with your business domain. For example purposes, let’s say your domain is XYZ.com and your name is John. Your email address would be john@XYZ.com. Now what if someone entered jon@XYZ.com? If you had a “catch-all” domain, you’d receive email messages sent to ____@XYZ.com — even if senders misspelled your name.

In fact, that was originally part of the allure of catch-all email addresses. With a catch-all domain, you could tell people to send email to anything at your designated domain such as: sales@, info@, bobbymcgee@, or mydogspot@. No matter what they entered in front of the @ sign, you’d still get the message without having to configure your server or do anything special.

The Downside of Catch-all Email Addresses

Catch-all email addresses were created to ensure that no email to the domain would be rejected and lost. Catch-all domains accept all email without rejection. Though useful for those concerned about potentially missing important messages due to typos in the mailbox, spammers soon took advantage of the opportunity before them. All they need is the domain name. They do not need to hunt for usernames, guess usernames, or scrape email addresses. They simply put whatever they want in front of the domain and send their messages — and those messages arrive as intended. As a result, catch-all boxes tend to get flooded with spam and become unusable.

How Service Objects Defines Catch-All Domains

Service Objects uses the term “Catch-All Domain” to refer to a domain that has its mail server(s) configured to not reject email addresses, even if they do not exist. Thus, if an email arrives to bogusemailaddress@XYZ.com, our catch-all domain example, and that email does not actually exist, it will not be rejected.

Keep in mind, however, that mail servers can be configured in various ways. Traditionally, a “catch-all” message is accepted and forwarded to the designated “catch-all” mailbox.

Mail servers can also be set up to delete incoming or bounce messages when no recipient is found. Bounced emails do not necessarily bounce immediately. Thus, a mail server may accept an unknown message initially and later bounce it back. We know, it’s confusing. Remember that rejecting an email and bouncing one back are not one and the same.

Catch-all Domain Practices

It is considered bad practice for a mail server to accept email addresses that do not exist and then bounce them back later. This practice was initially employed when spammers began mining mail servers for email recipients with the thought that spammers who could not accurately mine the mail server for recipients would simply move on and leave it alone.

As you know, spammers are a creative bunch, and they quickly learned to manipulate this type of server behavior to their advantage. This practice also increases bandwidth usage due to both incoming spam and outgoing bounce messages.

A better approach is to reject nonexistent email outright so that no message is ever received, accepted, and then bounced back.

Identifying Catch-all Domains

Service Objects’ email validation service identifies catch-all domains, giving you a better idea of how your outgoing messages may be handled. For example, messages sent to a catch-all domain may arrive as intended, but they may get lost in a flood of spam messages whereas a message sent to a legitimate business recipient’s mailbox will be more likely to be perceived as legitimate.