Spam emails and MX and A-records question

RFK · 2 Apr 2026, 05:50 AM

I get many (50-100) spam email per day sent to my Gmail address. Google filters them and drops to Spam folder.

The problem: too many emails in Spam folder make difficult to search for false positives (simetime legitimate email ends up in Spam).
Almost all (95%) of these emails have invalid domain as a sender ("From"). MX and A records are invalid.

I found script (Google Script) that purges emails that have invalid sender (invalid A and MX records) every xx minutes (configurable).

Now the question: is it correct to assume that if "From" email (something like ashjdfew@hjastgdfwyx.com) contains invalid domain (invalid A and MX records), then this email can be permanently removed immediately?
Is it any valid case for these emails (mass mailing, maling list, verification email etc.)?
If such email is always spam, why does Google allows these emails to be received (even as a spam)?

Another question:am I explicitely targeted by spammers or scammers? None of my family members has this problem.

Example of email:

Code:

 "email": "\"'McDonaldsThanksYou!'\" <zMbnP@1tpj7e.com>",
    "domain": "1tpj7e.com",
    "base_domain": "1tpj7e.com",
    "mx": "missing",
    "a_or_aaaa": "missing",
    "dkim": "missing",
    "spf": "pass",
    "dmarc": "missing"

JeremyNicoll · 2 Apr 2026, 09:31 AM

Quote:

Originally Posted by RFK

Now the question: is it correct to assume that if "From" email (something like ashjdfew@hjastgdfwyx.com) contains invalid domain (invalid A and MX records), then this email can be permanently removed immediately?

Is it any valid case for these emails (mass mailing, maling list, verification email etc.)?

For a 'From' that looks like gibberish - probably it can be removed. But if you got mail 'from' Bilbo@middleaerth who's to say that Bilbo didn't type it wth his toes & transpose two vowels? If his genuine mail also contains a Reply-To with a correct address in it... it wouldn't matter what From contains.

Quote:

Originally Posted by RFK

Another question:am I explicitely targeted by spammers or scammers? None of my family members has this problem.

Possibly your gmail address is very like someone-else's that's been harvested by spammers? If the spammers are not getting "no such address" (at the SMTP level) they have no reason to stop spamming you.

Maybe you're more active (than your family) on forums &/ mail-lists etc - some of which leak email addresses.

Having your own domain & only (SMTP-)accepting mails to certain addresses & structuring your addresses with that in mind allows one to control this sort of thing. For example you might accept mails to

bsn.rfk.some.things@yourdomain
grc.rfk.some.things@yourdomain

(for emails to you from businesses or grocery shops you deal with). If a single legit grocery shop's address for you gets compromised you change it. If you get lots of spam to grc.rfk.* addresses you could reallocate all of them eg as fud.rfk... & discard all the old grc.rfk.* at the SMTP level.

Right now I'm getting ~150-200 spams per month to addresses like

c0503e16c807984d6710dcf2d9b5465b@oneofmydomains

where the lefthand part is 32 hexadecimal digits. Each such example is probably a Message-Id value that's been scraped out of a mail-list archive & has never been a real email address. On the mail-provider concerned's server I have rules which reject anything for delivery-to (not "To:") lefthand parts starting 0 thru 9.

But unfortunately I have a few legit addresses starting A thru F ... and I'm not certain that I've noted all of those down. So for now I'm accepting all of these but using sieve regex rules to separate the 32-hex-digit id ones. I'm keeping an eye on the other lefthand parts so - when I'm sure I know which A* (or B* or C* or D* or E* or F*) ones need kept (or reallocated) I can then safely reject everything-else for delivery-to (not "To:") lefthand parts starting A thru F.

It's more complicated for me because I have hundreds of in-use addresses but don't want to have to fiddle with the SMTP reject rules (the GUI for doing that is - at that provider - much less friendly than their ordinary mailbox filters) each time I change an address or create a new address.

Bamb0 · 2 Apr 2026, 09:53 AM

One time I had an acct on hotmail.kg and they must have known I was from the US.. My acct was quickly taken over with spam!

Unusable

I wonder why they didnt just purge my acct??

RFK · 2 Apr 2026, 11:44 AM

Quote:

Originally Posted by JeremyNicoll

But if you got mail 'from' Bilbo@middleaerth who's to say that Bilbo didn't type it wth his toes & transpose two vowels? If his genuine mail also contains a Reply-To with a correct address in it... it wouldn't matter what From contains.

Howw do you get "From" to be mistyped unintentionally to non-existing domain?

For example, in Purelymail, if I set wrong "From", I get an error

https://i.postimg.cc/ZRv8PLnZ/error.jpg

It can be done only intentionally using spam friendly services,

TenFour · 3 Apr 2026, 12:19 AM

That's a lot of spam! I've been using the same Gmail address for 20 years and I get less than 1 per day in my Spam folder. But, mostly the Gmail address is used only for important accounts and personal communications. I have anonymous addresses I use for forums, ordering, and such.

Bamb0 · 3 Apr 2026, 02:38 AM

Im glad your not getting much buddy!! (Def not something to complain of)

JeremyNicoll · 3 Apr 2026, 05:54 AM

Quote:

Originally Posted by RFK

Howw do you get "From" to be mistyped unintentionally to non-existing domain?

For example, in Purelymail, if I set wrong "From", I get an error

https://i.postimg.cc/ZRv8PLnZ/error.jpg

It can be done only intentionally using spam friendly services,

I would think if the SMTP envelope data was valid you could put anything in "From:" though possibly not in a webmail system. You might need a mail client & perhaps one which uses a separate mail transport.

jarland · 4 Apr 2026, 04:35 PM

Here's the thing about dropping emails where the From domain doesn't resolve:

It's a great idea. It'll probably work 10,000 times before you find the 1 email that you wish you'd received. But there will be that one. And by the time you figure it out you probably won't know if it was a temporary DNS issue on one side or the other, or just a complete idiot that you actually wanted to receive an email from.

n5bb · 5 Apr 2026, 01:08 PM

Quote:

Originally Posted by JeremyNicoll

I would think if the SMTP envelope data was valid you could put anything in "From:" though possibly not in a webmail system. You might need a mail client & perhaps one which uses a separate mail transport.

The From header needs to “align” with the SMTP envelope-from if you want your emails to not be rejected by many email systems. See:
https://dmarcian.com/alignment/

Bill

2 Apr 2026, 05:50 AM	#1
RFK Essential Contributor Join Date: Aug 2004 Location: USA Posts: 324	Spam emails and MX and A-records question I get many (50-100) spam email per day sent to my Gmail address. Google filters them and drops to Spam folder. The problem: too many emails in Spam folder make difficult to search for false positives (simetime legitimate email ends up in Spam). Almost all (95%) of these emails have invalid domain as a sender ("From"). MX and A records are invalid. I found script (Google Script) that purges emails that have invalid sender (invalid A and MX records) every xx minutes (configurable). Now the question: is it correct to assume that if "From" email (something like ashjdfew@hjastgdfwyx.com) contains invalid domain (invalid A and MX records), then this email can be permanently removed immediately? Is it any valid case for these emails (mass mailing, maling list, verification email etc.)? If such email is always spam, why does Google allows these emails to be received (even as a spam)? Another question:am I explicitely targeted by spammers or scammers? None of my family members has this problem. Example of email: Code: "email": "\"'McDonaldsThanksYou!'\" <zMbnP@1tpj7e.com>", "domain": "1tpj7e.com", "base_domain": "1tpj7e.com", "mx": "missing", "a_or_aaaa": "missing", "dkim": "missing", "spf": "pass", "dmarc": "missing"

2 Apr 2026, 09:53 AM	#3
Bamb0 The "e" in e-mail Join Date: Feb 2005 Location: USA Posts: 2,373	One time I had an acct on hotmail.kg and they must have known I was from the US.. My acct was quickly taken over with spam! Unusable I wonder why they didnt just purge my acct??

3 Apr 2026, 12:19 AM	#5
TenFour The "e" in e-mail Join Date: Feb 2017 Location: USA Posts: 2,299	That's a lot of spam! I've been using the same Gmail address for 20 years and I get less than 1 per day in my Spam folder. But, mostly the Gmail address is used only for important accounts and personal communications. I have anonymous addresses I use for forums, ordering, and such.

3 Apr 2026, 02:38 AM	#6
Bamb0 The "e" in e-mail Join Date: Feb 2005 Location: USA Posts: 2,373	Im glad your not getting much buddy!! (Def not something to complain of)

4 Apr 2026, 04:35 PM	#8
jarland Essential Contributor Join Date: Apr 2014 Posts: 410 Representative of: MXRoute.com	Here's the thing about dropping emails where the From domain doesn't resolve: It's a great idea. It'll probably work 10,000 times before you find the 1 email that you wish you'd received. But there will be that one. And by the time you figure it out you probably won't know if it was a temporary DNS issue on one side or the other, or just a complete idiot that you actually wanted to receive an email from.