How can a BRAND NEW formed email address never posted anywhere get SPAM?
 

So I set up an email addy yesterday for a brand new site, the email has NEVER been posted anywhere, its brand spanking new, and this morning, I get this spam about a stock tip....

How is this possible?

Prolly domain was registered before you so the spam comes through... happened many times to me.. very annoying

yeah its happened to me :(

I was wondering same thing....
I've had a bunch of domains i registered a couple years ago, unique so i know nobody had them before... i just setup email on them and already getting shitload of spam, even tho i never even used the emails before.

I don't think so...I could be wrong, but no one has ever owned this domain before.

Probably find that some spammers just have databases of usernamees and the'll send to username@***.com for every single domain in their database.

Yeah my guess is some sort of random script

Yeah, happens quite often, I figure it's just because it was registered at some point before.

Yeah, I get spam to "info", "admin" and "webmaster" at one of my domains that I have never mentioned to anyone anywhere.

People pick up that the domain exists (probably from the registrar) and then just assumes that those either exist, or will be snatched by a catch all.

This is done easily using 1 of 2 ways...

the easier way is to have an email guesser which bombards an email login form with random character combos and waits for a DENIAL message.

If the DENIAL message says "INVALID PASSWORD" instead of "no such user" or something like that then the email address is recorded and a new string is sent.

This harvesting method's been around for a long time and some systems guard against it.


The other method is data overflow....

my catchalls get a lot of spam. i also find it amusing when affiliate programs sell off your email to spammers, i use a specific domain and random users for each sponsor. always love it when i get mail to those :)

i also have a never registrared domain, with a unique user that only my banks, Thawte, and AuthNet have, its starting to get spammed almost daily now by people totally unrelated. kind of makes me wonder how save my info is at these places if they are getting thier email addresses snaked.