Your default email address is listed under Default Email Account. This is a mailbox that is set up automatically when your cPanel account is created (account’s username and password are the same as your cPanel account username and password), it cannot be deleted or renamed, and has no quota. Your “default email address” is the one, which can be used as a “catch all” (catch all mails addressed to firstname.lastname@example.org). Using a catch all can be a blessing and sometimes a curse.
If you are wondering on what you should set for the default email address, my suggestion would be to have this value always set as :fail:, and not :blackhole: or your default email address (situation when you will notice a high amount of spam on this mailbox). The reasons behind this option are:
1. :blackhole: first accepts the email and receives it, then is sending it to /dev/null. This is a big waste of your bandwidth.
2. :fail: stops the email from being received, because verify = recipient occurs at the RCPT phase of the SMTP exchange before any data has been received. No bounce is sent and the exchange simply terminates with an SMTP error code. This means much less processing resources on your SMTP server and much less bandwidth (you don’t actually receive the email).
To set the default email address to :fail for every existent cPanel account you could simply run this:
cp -r /etc/valiases /etc/valiases.back
sed “s/^\*:.*/\*: :fail: No such person at this address/g” -i /etc/valiases/*
For new created cPanel accounts you can always force this by default from WHM (WebHost Manager) -> Tweak Settings -> Mail and set Default catch-all/default address behavior for new accounts to fail.