I hated to cave in and do away with my catch-all address, but I finally had to do it.  I saw a definite pattern where I’d get four or five apparently hand-crafted emails, followed within a few hours by a tidal wave of bounces.  It appears to me that the spammer were probing my domain to make sure the catch-all was still in place so that their bounces wouldn’t be rejected.  Then, upon confirming the catch-all, they’d engage the bots for a major spam run, with me catching all their crap.  If I’d taken the catch-all off of the domain, their initial probes would have been summarily rejected by the SMTP server. 

Because I’ve been using the domain for the past seven years for making up email addresses at will, I had lots of possibly valid addresses that I had to deal with.  I wrote a short Perl script that groveled through all my old Inboxes (back to 2000) to extract all addresses with an aubreyturner.com address in the “To:” and/or “for” headers (in some cases, especially with lists, my address wouldn’t have been in the “To:” field), discarding duplicates.  When I was done there were 1732 unique email addresses.  I spent a couple of mind-numbing hours going through that list deleting garbage entries from spammer Joe Job backscatter.  That left me with 604 addresses that I had to enter into the Dreamhost email control panel.  Fortunately, they have a “bulk edit” feature for each domain.  But it almost caused the panel to cough up a furball when I uploaded the list.

Now I’ve gone back and deleted another 30 or so that looked legit, but which I’d forgotten had been compromised by spammers.

If anyone out there has tried to email me and the message bounced, it’s probably because I missed an address in the alias file.  I’ve verified that the Contact Form target address works, so you can get in touch that way.

Anyone for killing spammers and using their guts to hang them from light poles?  Or am I the only one so annoyed?