I've run Postfix to host my domain's email for years now, and generally I've reduced spam to an acceptable level (including use of greylisting, SpamAssassin, and DNSBL).
One thing I've never figured out is why so many spammers attempt to send email to non-existent "hexadecimal" addresses, of the form xxxxxxxx.xxxxxxxx@mydomain or sometimes just xxxxxxxx@mydomain, where the xxxx are hexadecimal numbers.
Examples from just now:
- to=<8ac2e485@mydomain>
- to=<3b905d2d.5d0078fa@mydomain>
Since no such addresses are likely to exist, what's the point? My server refuses them with a 550 error so it's no big deal, but it seems pointless.
It's also, oddly, impossible for me to find search results indicating this affects anyone else though fairly obviously it must.
These addresses aren't generated by the spammers, they are the result of bad address collection procedures. Spammers use various tools to find addresses to add to their send lists. Some of these tools will search through web sites, or emails sent to mailing lists, and snarf up anything that looks like an email address - which includes Message-ID:s.
The Message-ID is a header in each email which is supposed to be globally unique, so that if two messages have the same Message-ID, they are considered to be the same message. This is what makes it possible for your email system to understand that if a message is sent to you twice (e.g. if it's sent to a group alias containing your email address as well as directly to you), it should only be shown once.
The Message-ID is usually created by the mail user agent (e.g. Outlook) or the first mail server (e.g. Exchange or Postfix). They consist of a unique string followed by an at-sign plus the domain name of the sending server. Some servers generate this unique string using hexadecimal numbers - here's one from Google:
As you can see, this string looks a lot like the kind of address you included in your question. And it's likely that some spammer will now start spamming that non-existent address, too.