I Support necrom totally, we have seen this in our directadmin installs a lot of times, a Catch-all attracts so many spam messages being a default solution is not workable. we stayed away from it, disabling it for many years now.
A configurable solution like necrom suggests could work, i prefer to stay away from it.