The emails are "from" your domain? Like asfdasfdsad@icedhybrid.com ? In 99.9% of these cases this kind of stuff is done via a script you have installed on the account... do you have any forum scripts or other php/cgi scripts installed?

Would you have the headers from the emails?

Also I wouldn't use :blackhole: use :fail: but for you there really is not big difference between the two.

I am not sure if I understand it correctly.. but why not send everything that isn't an actual account to the :blackhole:?

I was using the catchall regularly so that I could use a unique email, such as (walmart@icedhybrid.com) to register with sites (in this case, Walmart), and then I would recieve their email without adding a bunch of accounts. This worked nicely, if any one address started to get spammed, as my walmart account did, I could just forward it to :blackhole: and not worry about it ever again.

Seeing as how that is now close to impossible with the amount of bounce messages I am getting, I guess I have no choice but to stop using it and create an account for every email I've ever given out...

The only alternative I've found is to have a Sender Policy Framework set up in the DNS so users can verify the sender with the host. Do you guys have this already setup, or plan on setting something like this up so domain owners can publish SPF records in the near future? Or is this something that needs to be done at a higher level?

I have the same problem with my domain symbianexample.com
I constantly get "replies" (2-10 per day) from the mail servers about spam sent from random addresses @symbianexample.com

Alex could you, please, check the mail server logs to see if some emails are really send from t35 server? If they are, there might be some security hole in my scripts or at t35.

P.S.
Typical "reply" I get looks as follows:
------------------------
wuw@symbianexample.com   
   date      Jan 31, 2007 8:00 PM   
   subject      Notification d'état de la distribution   
   mailed-by      server1.t35.net   
 - Ces destinataires ont été traités par le serveur de messagerie :
mcconnell71@laposte.net; Échec; 5.1.1 (adresse de boîte aux lettres de destination incorrecte ou inexistante)




Final-Recipient: rfc822; mcconnell71@laposte.net
Action: Failed
Status: 5.1.1 (bad destination mailbox address)



      noname
2K Download
------------------------

I also get a lot of similar spam from @ebay.com, @example.com, etc. However, I can hardly imagine a spammer that found my domain on the web and decided to mask behind @symbianexample.com

Anyway, Alex, isn't it simple to check the mail server logs and see if any @symbianexample.com mail has really been sent from T35?
I did not send a single email from this address for weeks or maybe even for months.