Glossary
Catch-All Email Address — Risks and Best Practice
A catch-all email address receives all email sent to any address at your domain — even addresses that don't exist. While useful for not missing email, catch-all configurations attract enormous volumes of spam and dictionary attacks, inflate bounce rates when misused, and can negatively affect your domain's sending reputation if the same domain is used for outbound email.
The Risk
Spammers probe catch-all domains with dictionary attacks — sending to thousands of random addresses. Your server accepts them all, creating backscatter and reputation damage.
When Catch-All Makes Sense
Single-person domains where you want to receive email regardless of typos. Not recommended for organisations.
Audit outbound reputation with Email + DNS Preflight
Open DNS Preflight →FAQ
What is a catch-all email address?
An email configuration that accepts all incoming email regardless of whether the specific address exists.
Does a catch-all affect email deliverability?
Yes. Catch-all domains receive spam probing which can inflate bounce rates and damage sending reputation if mishandled.
Should I use a catch-all?
Only for single-person domains where you want to avoid missing email. For organisations, use specific addresses and aliases instead.