Back then things like postmaster@theirdomain and webmaster@theirdomain were read by actual people. Also the whois command often worked.

I work for one of the largest Swiss ISPs, and these mailboxes are still to this day read by actual people (me included), so it's sometimes worthwhile even today.

I setup a new mail server with Stalwart and have been getting automated mails to my postmaster address (security treat results mostly).

Pretty neat.

I tried to contact Hetzner and others about customers scanning my ports. Nobody cares about that. I took issue when I kept getting firewall alerts for port scans on open Plex ports.

I went down a crazy rabbit hole and found a bunch of domains that were random parts of street addresses. Obviously created automatically and they were purposely trying to make it harder to find related domains.

A responsible domain owner still will read them. My own postmaster is a catch-all for all my domains, such that typos in the username still get caught. Has proven to be invaluable with the family domain, where harried medical staff make mistakes in setting up accounts for my parents.

You can also find out who owns a general group of IP addresses, and at the time they would often assist you in further pinpointing who is responsible for a particular address.

I always liked the RP DNS record (https://www.rfc-editor.org/rfc/rfc1183) but no one seems to know about it or use it any more. The only reason my servers don't have one now is because route53 doesn't support it.

tech-c / abuse addresses were commonly available on whois.