Originally Posted by
themicah
Another of my domains (the one I use the most) has been trickier to control, because some spammer decided to use randomly generated usernames (vxwed@mydomain, oiuwre@mydomain, etc.) as the "From" addresses on his spam, so I was getting a lot of backscatter (bounced messages that I never sent in the first place).
I've gotten this, too. How do spammers decide what domain to use in a spoofed 'from' address? It can't be related to having a catch-all user at that domain, can it?