When I registered my first domain name, toxiccustard.com, in November 1996, I didn’t keep my email address secret. It wasn’t obvious (at least to me) that spammers were picking up any valid email addresses they could find, left right and centre. The address: email@example.com. I can quote it now because it hasn’t been valid for many years.
But they keep distributing it, and keep spamming it. I know this because my web ISP told me last week that toxiccustard.com is now getting about five thousand e-mail messages PER DAY. Aye carumba.
In fact so much mail is coming in that before they realised the nature of it, they were saying they’d have to decline to provide me with shared web hosting for that domain in the future, because of the impact on other customers. As it is they’ve said okay they’ll live with it, since they’ll be upgrading their systems shortly so bouncing mail doesn’t impact them as much.
I’ve disabled mail completely on that domain in Plesk, and I’m looking into fiddling with the MX records, which hopefully should stop dead any mail way before it reaches anybody and starts costing them money. This may involve moving the domain to a new registrar, since the current mob doesn’t appear to provide this level of customisation.
The lesson: keep your email address secret. Once the spammers have it, expect a snowball effect. It may take 9 years, but eventually it’ll be unusable.