Catch-all domains accept email to any local-part regardless of whether the mailbox exists — xyz1234@company.com and alice@company.com both succeed MX verification. This makes MX checks alone insufficient for validating contact quality. Contacts from catch-all domains appear deliverable but frequently bounce or are read by nobody, because many catch-all configurations feed unrouted mail to a trash mailbox. Mixing catch-all addresses with fully verified contacts inflates your apparent list size while depressing engagement rates, producing misleading health metrics and campaign analytics.
Low because catch-all addresses are a list quality issue that degrades metrics and deliverability incrementally rather than causing immediate bounces or compliance exposure.
Use an email validation API that returns a catch-all or accept_all status and store it on the contact record. Exclude catch-all addresses from cold outreach segments:
// Store validation status at ingest (example using ZeroBounce response shape):
await db.contact.upsert({
where: { email },
update: { validation_status: result.status },
create: { email, validation_status: result.status }
})
// Exclude from cold campaigns:
const campaignContacts = await db.contact.findMany({
where: {
NOT: { validation_status: 'catch-all' }
}
})
For budget-constrained situations, use the catch-all probe technique: during validation, send an SMTP RCPT TO command for a randomly generated address at the domain; if the server accepts it, flag the domain as catch-all. Many validation APIs perform this probe natively.
ID: data-quality-list-hygiene.email-validation.catchall-domain-handling
Severity: low
What to look for: Count all validation status values the system tracks for contacts. Check whether the system detects catch-all (accept-all) domains — domains configured to accept email for any local-part, regardless of whether the mailbox exists. A catch-all domain will accept xyz1234@company.com just as readily as alice@company.com, making MX verification alone insufficient. Look for catch-all probe logic (sending a test to a randomly generated address and checking for acceptance) or tagging from an email validation API.
Pass criteria: Contacts from catch-all domains are identified via at least 1 detection mechanism and treated conservatively — either excluded from cold sends or placed in a lower-confidence segment with adjusted send frequency.
Fail criteria: Catch-all domains receive no special treatment; their addresses are mixed with verified addresses in the main list.
Skip (N/A) when: The system sends only to explicitly confirmed addresses (double opt-in confirmed) and does not do cold outreach or single opt-in acquisition.
Detail on fail: Example: "No catch-all detection — company domains that accept all mail are indistinguishable from verified individual mailboxes"
Remediation: Use an email validation API that returns a catch_all or accept_all flag and store it:
// Example using ZeroBounce API response structure:
interface ValidationResult {
status: 'valid' | 'invalid' | 'catch-all' | 'unknown' | 'spamtrap' | 'abuse' | 'do_not_mail'
sub_status: string
}
// Store the validation status on the contact:
await db.contact.upsert({
where: { email },
update: { validation_status: result.status },
create: { email, validation_status: result.status, ... }
})
// Exclude catch-all addresses from cold campaigns:
const campaignContacts = await db.contact.findMany({
where: {
NOT: { validation_status: 'catch-all' }
}
})