About 3 months ago, my hosting provider Dreamhost announced that it was stopping the support of catch-all email addresses claiming that this was to reduce the server load and improve antispam features.
Unfortunately this is a feature that I rely on heavily as I always provide unique email address’s to companies such as [email protected] or [email protected] so that I can filter out emails into different labels, blacklist a spammer and lastly see who has had their website compromised and leaked or sold my email address to someone else. I’ve had at least two email addresses, one of which was a local government agency, start to be used as a spam destination. Unfortunately it is frustrating when I report it to the company and they deny it has happened even though I’ve shown them headers of the email address after the initial contact to let them know they have been compromised. One of the companies I contacted denied they had been breached and I hadn’t even provided them the email address so I knew they hadn’t looked very hard!
Anyway….that is all now over as Dreamhost no longer provide this option.
The solution I am using is as follows:-
- Use gmail as the primary interface for email (No change since I got gmail back in 2005ish)
- Use gmail pop3 access to pull in the original catch all email and apply a “ca” label to the email (No change)
- Use Google Sheets to analyze email and retrieve email address used
- Create a list of incoming emails and destination email addresses
- Add emails to Dreamhost control panel
If you wish to continue using the email addresses you can either add them as an alias or set up a forward for the email address. I was previously using the catchall mailbox and had gmail setup to retrieve the email on a regular basis. The upside of this was that I didn’t have to do anything after setting up the pop account in Google. The downside is that I would have to wait for Google to poll the email account, or go to the accounts tab and pull the mail down manually if I was using a computer. The tablet/mobile access did not provide the ability to “check for mail now”
I had also setup gmail to label all mail retrieved from this catchall account with “ca”. This shows up in the google interface and can also be filtered/searched on.
This meant that I already have email in my gmail account. If you haven’t done that already and wish to use these instructions, then set up gmail to pull in the email as a pop3 account.
Once you have all email coming into Google I then used a slight modification of Helge Klein’s spreadsheet that lists all email address’s for a single label. Use the provided link to copy the sheet into your own Google Drive account. Select the Tools menu, Edit script and review the script to make sure it’s not malicious.
Around line 45 will be the text
var mailFrom = messages[i][j].getFrom ();
Replace this with
var mailFrom = messages[i][j].getTo ();
Yes I know the variable name doesn’t make sense, but this is the easiest way to quickly change the code. The neater solution is to then search and replace mailFrom with MailTo
Save the document and then use the text “ca newer:2017/12/31 older:2018/09/01” (without quotes) in B2in the sheets document. Obviously adjust the dates as appropriate.
Note that I found that if my date selection was too large the script would time out. Depending on how many emails you have in gmail, I would probably filter out a year at a time. The filter syntax you enter into the B2 field is the syntax you would use to search in gmail.
Once you have your filter, selectHK Scripts/Extract email addresses.
Hopefully all goes well and you now have a list of emails that were sent to your catch all address in a new tab.
The neat thing is that you can run the script multiple times and each search result will generate a new tab. This way you can run this periodically to capture mail received each month. The caveat is that you do need to keep emails with the ca label in your gmail for at least a month!
The screenshot below shows a few results from this search.
Note that I do have a couple of oddities in this result (which is why I included them). There are a couple of email address’s that go to my catchall address but the emails were not forwarded to my original domain. My gravatar email address is actually another gmail address forwarded to a catch all address. As the original TO field is not my domain it doesn’t look quite right. Some other oddities have included google groups targets or some other nefarious/badly formed bcc emails. These should be treated as an exception and handled manually (outside the scope of this document.
Grab the contents of column B and save to a new tab – this new tab will be used to split the email addresses into a format suitable to paste into Dreamhosts mail control panel.
I then did the following to parse the email address into a useable format. Note that this may not be the most efficient but it gives me the ability to easily verify each stage rather than debug a complicated excel formula.
The screenshot below shows what it should look like when completed. (The two shaded rows are the odd ones that I deal with manually)
Column A should be your original To field. The other cells are filled out as follows. Note you need the starting = sign to signify a calculated field.
E – not used.
G =” yourgooglealias+” & D1 & “@gmail.com”
Note there is a space at the start of G as this is used as the separator in the next step. Yourgooglealias is the bit before the @ sign in your gmail address
K =(substitute(substitute(A1& G1,“<“,“”),“>”,“”))
This replaces any chevrons that may be around the email address and then takes the original email address, adds a space and then adds the new gmail address where the alias now becomes +alias.
Finally, copy the contents of column K into dreamhosts control panel. https://panel.dreamhost.com/index.cgi?tree=mail.addresses¤t_step=Index&next_step=Bulk should hopefully work but make sure you are pointing to the right domain!
Select Mail, your mail domain, Forwarding Only/Edit All.
Hit the save button and you are done.
Your email should be quickly delivered to gmail and still easily filtered out based on the to field.
The downside is that there are still some webforms out there that do not recognise the + character as valid in the email address. Spammers can also easily work out what your main email address is and send directly to that mailbox.
Please let me know if you have any questions or comments