Technology in terms you understand. Sign up for the Confident Computing newsletter for weekly solutions to make your life easier. Click here and get The Ask Leo! Guide to Staying Safe on the Internet — FREE Edition as my thank you for subscribing!

I keep getting bounce emails for addresses on my domain that don't exist. How can I stop this?

Lately I have been receiving returned emails that were originally sent
by a randomly generated email address in my domain. These accounts don’t exist,
but when the mail is returned we get the returned email. How can I stop

The painfully short answer is that you probably can’t. Though there are some
ideas to at least make it a little less painful.

For what it’s worth, you’re not alone. You are so not alone.

Become a Patron of Ask Leo! and go ad-free!

What’s happening is a variation of what’s called a “dictionary attack”
though in this case attack is perhaps the wrong term. Spammers will often search the domain name registry for domains
that they can then assume are real. Once they have the domains, they send their
spam to randomly selected common names or just randomly manufactured email
addresses on that domain. Hundreds of them. Thousands of them. AND they use them
as fake return addresses as well which is what you’re seeing.

It’s very similar to the situation created by certain types of viruses I
discussed in my previous article: Someone’s
sending from my email address! How do I stop them?!

Most of the randomly generated email addresses miss – they’re not
valid accounts and as a result they get bounced back to the “From” address. In
your case the from address is also a random and invalid address on your domain
and your mailer is presumably letting you know about it.

What to do?

Well, as the owner of several email domains I used to like being able to
have what’s called a “catch all” address – meaning that mail sent to
any address on my domain would get to me. It was a great way to see
who’s using mail email addresses for what purpose by just using some bogus
address on my domain and seeing what email got sent to it.

Unfortunately that also meant that any email address on my domain
was valid and would get to me.

I don’t do that any more. Dictionary attacks like I’ve just described result
in a flood of email to all sorts of random addresses on my domains. I now only
look at the addresses I actually define.

So sadly, don’t use catch-all addresses.

Unfortunately some email addresses should be looked at. Not only my own, but
addresses like “webmaster” are standard ways for some forms of notification. I
do know that many domain owners no longer look at these either due to the
volume of spam. I happen to have a reasonable spam filter which catches about
90% of the spam.

Invest in a good spam filter.

Finally, and probably most relevant to your situation, if a bounced
email message gets sent to an invalid address (because the original “came from”
an invalid address it sounds like your email system is notifying you, or
forwarding those invalid bounces to a known good address. If you can, I’d turn
that off and let those bounces to invalid addresses just disappear.

Do this

Subscribe to Confident Computing! Less frustration and more confidence, solutions, answers, and tips in your inbox every week.

I'll see you there!

3 comments on “I keep getting bounce emails for addresses on my domain that don't exist. How can I stop this?”

  1. is now used only for a bit of email, and I do get some returned rejected mail, as today could not deliver to and returned to . I do have a catchall. But two questions…: Is this in any way using my domain? and is it likely that such emails are causing comcast and verison to frequently reject my personal emails claiming spam? Thanks.


Leave a reply:

Before commenting please:

  • Read the article.
  • Comment on the article.
  • No personal information.
  • No spam.

Comments violating those rules will be removed. Comments that don't add value will be removed, including off-topic or content-free comments, or comments that look even a little bit like spam. All comments containing links and certain keywords will be moderated before publication.

I want comments to be valuable for everyone, including those who come later and take the time to read.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.