The cPanel Default Address and why catch-all mailboxes are a bad idea
This article was posted in: Email
By default your cPanel account will reject email sent to an address that you have not already setup with a mailbox or forwarder. We strongly recommend you leave these default settings alone.
Mail addressed to a non existent mailbox or forwarder is called unroutable.
While is is possible to send all such email to a catch-all address we strongly recommend against this practice as catch-all addresses are prime targets for spammers. Once your domain becomes known, spammers will target random usernames@yourdomain - it will be harder for us to filter spam, as your account will no longer reject email for unknown recipients.
WARNING : DO NOT SEND UNROUTABLE EMAIL TO AN EXTERNAL FORWARDING ADDRESS.
Instead, we recommend that you reject and discard unroutable messages at the time the server receives them. Spammers will then know that the email address they are trying to use is no good and give up sending to it after a time.
However, in rare cases it is desireable to accept all email for your domain, so in cases like this, you can configure a catch-all mailbox to catch any email that might otherwise have been lost.
Step 1 - Create the mailbox
Follow the guide How to create a mailbox in cPanel to create your catchall mailbox. A catchall mailbox is no different from any other mailbox.
Click the Default Address icon in the Mail section of cPanel.
Under the Default Address Maintenance heading, select your domain from the dropdown list (1) and the select the Forward to email address radio button (2). Enter the address of your catchall mailbox in the Forward to email address box (3). Click the Change (4) button to save your changes.
In our example below, any email that the server receives which is not addressed to a known mailbox for forwarder within the krystaldemo.co.uk domain will be redirected into firstname.lastname@example.org mailbox.
A special note about the system account
We strongly recommend you do not forward all mail to the system account unless you have a very good reason. Again, this option will make your account a prime target for spammers.
We may remove excess email from customers' system account mailboxes from time to time. This would normally involve pruming message older than several months, or if a system mailbox has grown to hundreds of megabytes.