So the other day I enabled my catch-all mail account. (A catch-all account is an e-mail account that get’s all the e-mail going to non-real e-mail addresses like firstname.lastname@example.org.)
As you would expect, I got the regular share of SPAM from the regular random spamming, but I noticed something else that was a little more interesting: mail from newsletters and sites that didn’t appear to be the regular, per se SPAM random addresses: many of them were rather specific along the lines of asdfs, sdfasdfasd, asdf, asdfahf, etc.
Which raises the question: when the spammers were setting up and testing their scripts, is it these addresses they used to test it? I can easily see someone going through and filing out a form and entering email@example.com as their e-mail address, just to fill the bo. Of course, this is in total contravention to RFC 2606, which says that if you’re gonna test something on a live server/document something, you should use the dummy domain example.com.
But hey, like like any thing else ever stopped them.