Weird. Someone has created an account with one of the major money-sending apps using a fake email on a domain name I own. I can see this because I receive the emails sent by the app vendor via the domain's catchall account. So whenever this person tries to login or change their password, I see the confirmation emails sent by the app vendor.<p>To be fair, it could have been an innocent mistake on the part of the person who signed up... maybe they meant to type .net instead of .com or something like that.<p>I contacted the vendor to tell them that the account is not authorized or known on my domain, and asked them to cancel, but they will not unless I send them an email using the 'from' address of the unauthorized account.<p>So, questions:<p>1) Is this a common thing? And if this is potentially illicit activity, what is this person thinking or hoping they'll be able to commit?<p>2) Even though I'd be using my own domain, should I intentionally impersonate someone who may (or may not) be attempting inappropriate activity in order to get the account removed? Wouldn't that - on its own - be a potentially dangerous or illegal act?<p>{sigh} modern problems.
This kinda stuff is why I don't like catchall email accounts.<p>IANAL...but there can be some legal exposure here, too. Mr. Bad Actor is up to shady sh*t, using a fake bactor@YourDomain.com account as part of that, and some less-than-friendly Feds (or lawyer for a victim, or ...) could be knocking on your door.<p>Yes, fake-account and typo'ed -address email can be kinda entertaining to read. But better to lose no time, need no lawyer, set things to auto-bounce with a "No Such Account" error, and keep email logs for ~3 months or so - to play the random clueless honest bystander part.
If it's only "please confirm your account" and password reset emails then the user probably just mistyped the email address.<p>If their username is go-to-ydotcom-for-free-cash then it might be spam. It doesn't seem very effective but I know a company where a spammer created 10.000 accounts overnight to be sent to random people.