The example.com domain is officially reserved by IANA (Internet Assigned Numbers Authority) for documentation purposes. According to RFC 2606, all second-level domains under example.com, example.net, and example.org should be unresolvable in the public DNS system.
When you send an email to any address @example.com, here's what technically happens:
# Sample SMTP transaction log
220 mail.example.com ESMTP
MAIL FROM: <sender@realdomain.com>
250 2.1.0 Sender OK
RCPT TO: <nonexistent@example.com>
550 5.1.1 Recipient address rejected: nonexistent domain
Most mail servers will either:
- Immediately reject the message with a 5xx error
- Accept then discard the message (blackhole)
- In rare cases, deliver to a catch-all mailbox (highly unlikely for example.com)
Regarding your concern about sensitive information:
# Python simulation of mail handling
def handle_email(recipient):
if recipient.domain == "example.com":
raise SMTPException("Domain not deliverable")
# Normal processing...
The IANA doesn't operate any mail servers for example.com. There's no centralized repository where these emails accumulate.
To verify this yourself:
# Bash command to check MX records
dig example.com MX +short
# Expected output: (empty) or informational MX like:
# 0 example.com.You can also test with telnet:
telnet mail.example.com 25
Trying 192.0.2.1...
telnet: Unable to connect to remote host: Connection refusedThe example.com domain was established in 1999 with RFC 2606 specifically to:
- Prevent accidental use in production systems
- Provide guaranteed-unused domains for documentation
- Avoid trademark conflicts in examples
When building email-related features:
// JavaScript validation example
function isValidEmail(email) {
const domain = email.split('@')[1];
return !['example.com', 'example.net', 'example.org'].includes(domain);
}For testing email functionality, consider using:
- Mailtrap.io for development
- Mailinator.com for disposable addresses
- Local mail servers like MailHog
In RFC 6761, example.com is explicitly designated as a reserved domain for documentation and testing purposes. The IANA maintains this along with other special-use domains like test, localhost, and invalid. Any email sent to *@example.com should theoretically go nowhere due to:
// Example of DNS MX record query for example.com
nslookup -query=MX example.com
// Returns: example.com mail exchanger = 0 .
While the domain shouldn't resolve, real-world behavior varies:
- Most SMTP servers will reject during the
RCPT TOphase with "550 No such user" - Some may queue then bounce with "DNS lookup failure"
- Poorly configured servers might accept then discard silently
Here's how Postfix handles it in main.cf:
smtpd_recipient_restrictions =
reject_unauth_destination,
check_recipient_mx_access hash:/etc/postfix/recipient_access,
permit_mynetworks
The risk profile depends on your mail system's configuration:
| Scenario | Risk Level | Mitigation |
|---|---|---|
| Modern MTA with default config | Low | Email rejected during SMTP session |
| Legacy Exchange server | Medium | May end up in dead letter queue |
| Misconfigured cloud service | High | Could be stored in unexpected logs |
To test your own mail system's behavior:
#!/bin/bash
echo "Test email" | mailx -s "example.com test" anyuser@example.com
# Check mail logs:
tail -f /var/log/mail.log | grep example.com
According to IANA's special-use domains registry:
"Domains under example.com are guaranteed never to be resolvable in the public DNS system, including all subdomains at any level."
For applications that need to handle such cases:
// Python email validation snippet
import dns.resolver
def validate_email_domain(email):
domain = email.split('@')[-1]
try:
answers = dns.resolver.resolve(domain, 'MX')
return bool(answers)
except dns.resolver.NXDOMAIN:
if domain.endswith('example.com'):
raise ValueError("Reserved domain example.com")