By design, the catch-all is set to :fail: to prevent spammers from sending large amounts of unwanted mail to you. Our shared servers no longer allow you to set your own default address to prevent spam overflow, so we recommend using forwarders or filters to route your mail instead.
You can also learn about how to import email accounts and forwarders in cPanel if you already have a list of addresses that you’d like to be able to use for this purpose.
Setting Up a Default Email on VPS or Dedicated Server cPanel
VPS or Dedicated Servers can enable a catch-all email address for unrouted email.
- Log in to your cPanel.
- Go to Tools and click on Default Address.
- The default setting discards unrouted email. If you want to capture unrouted email, you can forward them to a specific email address. Click on the checkbox for Foward to Email address, then type in an email address.
- Click on Change to save your configuration.
While the feature is available for your site through VPS or Dedicated server accounts, caution should be taken with its use. Catch-all email addresses can be a vector for attacking your server. You should monitor it closely and only use it as necessary.
Need Unlimited Features?
Our dedicated server plans have a few unlimited features that lets you host how you need to host. One of these is unlimited email accounts, forwarders, and filters! Click here to learn more.
Catch-all email is like a basket for collecting all those emails for incorrectly spelled email addresses. This feature can be useful for catching communications that may have been misdirected but should be used with caution to prevent abuse or damage to the performance of the server.
Thoughts on “Default / Catch-All Address”
I have been using a catch-all email address for many years on a competing hosting provider on a shared hosting plan. I’m not interested in maintaining a VPS. Can you provide more detail on the “security issues” that you believe are possible using a catch-all email address??? I simply do not see how re-routing email at the SMTP receiver to the catch-all address presents a greater security risk than any individual email address.
It allows a spammer to essentially use any email address whether it exists or not to successfully deliver an email to your server. For example, in an extreme case, someone could send a million spam emails with any address to a variety of domains hosted on a server. Such as [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], and on and on. A catch-all email would result in all of these being delivered successfully to the server. This can put a heavy load on the server similar to a DDoS attack and also allow someone to deliver an email to your mail server whether they know you or not.
This approach will not work for me. I create distinct email addresses for most places that require an email address. It would be horribly inconvenient to have to set up a forwarder for each BEFORE I set up an account at some random web site.
PS. Your chat support system is a total fail with at least Firefox and Safari.
Hello Richard – The article does need to be updated, but there is no option for a catch-all email address for shared server hosting accounts. This is due to security issues, as it is a possible vector for an attack that can shut down email for the entire server. You can enable the option with root access on a VPS or Dedicated server account. If the option is enabled, you’ll see it in cPanel under DEFAULT ADDRESS where you can set unrouted email to be forwarded to a single email address.