Tomorrow we plan on changing the mail server configuration on all accounts that are set up with the default email address currently set to"username" over to :fail:, and it is already changed on a few servers.
cPanel has always set up new accounts with a catch all email address so that anything @domain.tld would be accepted. But the times have changed, and the default setting must change with the times.
What is happening is, spammers are targetting all domains with dictionary attacks, sending spam to
anyword@domain.tld. The server is accepting that mail for delivery and autoresponders are responding to the mail. But the spam comes in with forged return addresess of working domains (otherwise it wouldn't be accepted). Our server responds to the mail, the person whos address was forged turns us in for sending them unsolicited email or the autoresponse ends up in a spam trap mailbox of some RBL, and we get blacklisted.
As a side note, this isn't just happening to us. It happens to any server which doesn't refuse un-routed mail (catch all email) during the handshake,
before it enters the server.
Some people may notice this change, but by far the majority of our cusomers will only notice that incoming spam has dropped off tremendously, and their disc space quota isn't slowly filling up for no apparent reason.
Quote:
|
Anyone which does not want this setting can easily reverse it by changing the default email back to "username" or create an email account - then set that account as the default email address. The latter being the most permanent fix, because we may go through again in 6 months and refresh any newly created accounts to that default setting.
|
************************************************** ***
Most customers didn't choose to have a catch all email account, and do not want that mailbox collecting spam in the first place. And that is basicly all it does. But a few people use it and don't mind the spam, so the setting is still there to use. People who do wish to have a catch all account are advised to set up an email account and use that as the default. Changing :fail: back to "username" might not be a permanent fix.
No one who has a default email address set to send
anything@yourdomain.tld to another email account (e.g.
you@yourisp.tld) will be affected by this change.
This link will explain how to change default email settings, along with an animated demonstration
Change default email in cPanel.
Linear Mode
