I’ve been Joe-jobbed.

Some low-life spammer has started forging messages from my domain. My mail server is receiving many deliveries per second, all bounces for users that don’t exist at my domain. Unfortunately I have (had) a catch-all alias that put mails for all unknown users into my mailbox. Ooops.

I’m in the habit of making up e-mail addresses within my domain, in order to keep track of where people get hold of my e-mail address. So if Amazon want my e-mail address, I’ll tell them it’s alex-amazon.com@example.com. That mail will still get to me because of my catch-all alias, but I’ll be able to tell that something fishy’s going on if somebody else starts to send me mails to that address.

Most of the bounced joe-job e-mails are sent to a generated address, e.g. JohnSmith@example.com. I want to discard those mails, yet still accept the alex-whatever@example.com addresses that are meant for me. How can I do wildcard address aliasing with Exim?

The short answer is, you can’t. My catch-all alias looks like this:

*: myuser@localhost

It would be nice to write this:

alex-*: myuser@localhost

…but unfortunately it doesn’t work. Fortunately Exim has a little feature that is nearly as good. You can strip off a wildcard suffix from the username before delivery is attempted. Just add these lines to the appropriate router declaration:

local_part_suffix = -*
local_part_suffix_optional

Now any e-mail with a ‘-‘ character in the username will have that suffix part stripped off before delivery is attempted. So now my alias rule looks like this:

alex: myuser@localhost

Any emails to alex or alex-ANYTHING will come to me. Everything else gets quickly rejected as unroutable.

Phew!

Comment · Comments Feed · TrackBack

  1. nate said,

    24 June, 2006 @ 15:28

    randomly came to your website upon searching for an event calendar plugin for wordpress.. does yours work with the newest 2.0? I’ll probably try it anyways, i’m just curious

    anyways, I noticed this post- i used to do the same thing- used my domain as a general thing where i just haneded out email addresses, but then i found out about spamgourmet, and now thats all i use. you get a quick account there (ie. firetree) and then you can give out any email address you want with the format xxx.#.firetree@spamgourmet.com. xxx can be anything- whatever you give works, and then # is a number from 1-20 and that is how many times the email address can be used. That way, the emails come to your main mailbox but people dont know what it is, AND if they do abuse it, it automatically shuts down. You can shut it down, renew it or specify advanced rules at the main spamgourmet website- but I have never found it necessary and haven’t been back to the main website once.

    Just thought you might be interested =)

  2. Ade said,

    4 October, 2006 @ 19:38

    Man, I have the same issue right now and it’s driving me freaking nuts!

  3. Arthur Rytas said,

    15 December, 2008 @ 04:55

    Interesting to read about your method of keeping track of who u handed out email address to — i do a similar thing by utilizing the “AddressGuardTM” feature of a Yahoo account … in fact that is ALL i use that account for now-a-days [Google won me over many months ago smile].

    That feature of Yahoo lets the account owner create and manage disposable email addresses by allowing short notes to be added to the address when creating it – and i can always find out who i gave the address to when it starts to be spammed …. and of course i then simply delete it. I got so sick of [in the early days] of having to change may prime email address every so often to shake the spammers.

    Unfortunately the Host i use for my domain, while allowing over a thousand alias email address [I too use the ‘CatchAll’ function] does NOT have the facility to add notes against the aliases [impossible to manage] … until they do i will continue to utilise the Yahoo account and their Address Guard service ….

    BTW: WoW … thanks for the Event Calendar!!! Simply TOO good!

Leave a Comment

Sponsors