Catch all

On one of the domains I have, I installed the option to have a catch-all email address. One of the big advantages of using the catch-all address is that I can have a separate email address for each store that asks me for my email address without explicitly having to create these addresses. However, there is also a downside to having a catch-all address, namely that spammers can send an email to any address at the server, and the server will accept it. Of course I can use some procmail filters to remove all of these, but I would rather stop these messages at the server, before they are received.

A couple of days ago, I moved the email handling of this domain to my own server, which runs Exim as the MTA. I modified the configuration of Exim such that it will accept any email address that has a specific pattern. This way I created a catch-almost-all server: I don’t have to create a specific email address for each store as long as I use a standardized pattern, and anything else is rejected by Exim before the message is received.

After setting up exim4 on your server to work with split configuration files in Debian, you should have a file

/etc/exim4/conf.d/acl/30_exim4-config_check_rcpt

The default configuration will run the ACL in this file after the RCPT TO: command has been given in the SMTP session, i.e. it allows you to reject addresses you don’t want to be accepted by your server.

The beginning of this file contains some sanity checking, which I left in place (e.g. valid email addresses, not containing weird characters, things like that).

To deny incoming messages during the RCPT TO: command in the SMTP session, I added the following to the 30_exim4-config_check_rcpt file:

deny
  # Fill in your own domain here :)
  domains = YourDomain.tld
  # If the condition does not hold (i.e. if Exim cannot find a
  # match for the recipient in the SMTP session in the
  # /etc/exim4/allowed_recipients_... file for your domain), Exim
  # will deny the recipient and give the message given by message
  # below
  !condition = ${lookup{$local_part}wildlsearch{/etc/exim4/allowed_recipients_YourDomain.tld.conf}{true}}
  message = Who made you think this user existed on this domain??

As you can see, I did not want to hardcode the patterns I want to accept in the configuration files, but I wanted to have this in a separate file. Because of the usage of wildlsearch you can write down patterns with regular expressions in the file. To allow the following three patterns in Exim:

  • Address: Alice@YourDomain.tld
  • Address: Bob@YourDomain.tld
  • Pattern: no-spam-from-you-*@YourDomain.tld (e.g. no-spam-from-you-acme@YourDomain.tld)

you can create the file /etc/exim4/allowed_recipients_YourDomain.tld.conf with the following contents:

^\NAlice$\N
^\NBob$\N
^\Nno-spam-from-you-.*\N

For more details about the format of this file, please look at the Exim4 documentation.

Now if, for some reason, some of your email addresses have gotten on a list and you don’t want to receive any emails via these addresses anymore, you can also actively block these specific addresses. You can do this by adding the following to the ACL:

deny
  # Fill in your own domain here
  domains = YourDomain.tld
  # If the condition holds, Exim will deny the message. The
  # condition holds if the lookup in the file is successful
  condition = ${lookup{$local_part}wildlsearch{/etc/exim4/blocked_recipients_YourDomain.tld.conf}{true}}
  # If the lookup is successful, this is the message that
  # will be given by Exim in the SMTP session
  message = This user is actively blocked!

Any specific address or pattern can be blocked by putting it in the file /etc/exim4/blocked_recipients_YourDomain.tld.conf. This file has the same format as the previous file. So if your email address no-spam-from-you-acme@YourDomain.tld has gotten on a spam list somewhere and you want to block it, you can do so by putting the following in the blocked_recipients file:

^\Nno-spam-from-you-acme$\N
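To sanity-check the two pattern files before reloading Exim, the following added example (not part of the original post, and not Exim code) mimics both deny statements in Python. It assumes one key per line with no data, handles only `^` regex keys and plain literal keys, and uses constructed sample file contents and the hypothetical helpers `load_keys` and `rcpt_decision`.

```python
import re

# Constructed sample file contents, using the patterns shown on this page.
ALLOWED = r"""
^\NAlice$\N
^\NBob$\N
^\Nno-spam-from-you-.*\N
"""
BLOCKED = r"""
^\Nno-spam-from-you-acme$\N
"""

def load_keys(text):
    """Return one matcher per key line; blank and '#' lines are skipped."""
    matchers = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        key = line.split()[0]
        if key.startswith("^"):
            # Regex key: \N only protects the regex from string expansion,
            # so it is dropped here. wildlsearch matches case-insensitively.
            rx = re.compile(key.replace(r"\N", ""), re.IGNORECASE)
            matchers.append(lambda lp, rx=rx: rx.search(lp) is not None)
        else:
            # Literal key, compared case-insensitively.
            matchers.append(lambda lp, k=key.lower(): lp.lower() == k)
    return matchers

def rcpt_decision(local_part, allowed=ALLOWED, blocked=BLOCKED):
    """Mimic the two deny statements: each one can reject on its own."""
    if not any(m(local_part) for m in load_keys(allowed)):
        return "deny: Who made you think this user existed on this domain??"
    if any(m(local_part) for m in load_keys(blocked)):
        return "deny: This user is actively blocked!"
    return "pass"  # falls through to the rest of the RCPT ACL

if __name__ == "__main__":
    for lp in ["Alice", "alice", "no-spam-from-you-shop",
               "no-spam-from-you-acme", "sales", "Alice2"]:
        print(f"{lp:24} {rcpt_decision(lp)}")
```

The blocked address is rejected even though it also matches the allowed pattern, because the two deny statements are evaluated independently. Exim's own fake SMTP session mode (`-bh`) remains the authoritative check of the real ACL.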

If you have any ideas on better handling spam, or if the above made your spam-battling life easier, please let me know in a comment!