Disposable address blocking

[umquat]

Hi all!

Extension addresses (user-anything@domain) are a great way to create "disposable" adresses to give away with a great deal of confidence.

Later, when the shady website I gave my disposable address to starts feeding the spam circuit and the count starts to bother me, I can setup a filter in Zimbra and dispose of messages directed to that account as I see fit.

Zimbra allows all this, so far so good.

It would be even better to block the messages that we know are directed to a disposable account right at the SMTP "RCPT TO" stage. That would block them and not let them enter our Zimbra system at all.

I used to do this quite simply with the "relocated_maps" parameter in postfix. It allows the MTA to check a map and respond with a standard 5XX SMTP response that the user has relocated to another address. For example to relocate all my disposable, spammed addresses to !127.0.0.1@i.hate.spammers or some other thing.

The relocated(5) page gives more info on the subject.

Any thoughts on this? Could something like this could be added to Zimbra (with UI, stats, the whole enchilada)?

Thanks,
Ruben

[phoenix]

Assuming you remove the 'disposable' email address from your system then this setting will get rid of them: Improving Anti-spam system - Zimbra :: Wiki

[umquat]

reject_unknown_recipient_domain and reject_unverified_recipient work for the whole domain, but the other method works for individual addresses.

90% + of my mail is spam and no matter how well I filter I'm still using resources on them. Better to block than filter. IMHO

[phoenix]

Quote:

Originally Posted by umquat

reject_unknown_recipient_domain and reject_unverified_recipient work for the whole domain, but the other method works for individual addresses.

90% + of my mail is spam and no matter how well I filter I'm still using resources on them. Better to block than filter. IMHO

This is a quote of the first sentence from link I gave you:

Quote:

To reduce email to accounts that you don't even have: Change the entry in zmmta.cf for smtpd_reject_unlisted_recipients to 'yes', save the file and restart postfix. (postfix reload)

Unless you know something I don't that will reject messages for unknown recipients.

[umquat]

Let me explain myself:

• user@domain is a valid user.
• user-trusted_site@domain is a valid delivery address for a valid user
• user-spammy_site@domain is also a valid delivery address for a valid user

If you use smtpd_reject_unlisted_recipients here's what will happen (but please correct me if I'm wrong)

RCPT TO: user@domain WILL deliver

RCPT TO: user-trusted site@domain WILL deliver

RCPT TO: user-spammy_site@domain WILL deliver

the thing that I want to accomplish is:

RCPT TO: user@domain WILL deliver

RCPT TO: user-trusted_site@domain WILL deliver

RCPT TO: user-spammy_site@domain WILL NOT deliver

relocated_maps is the way to go when you want this finer-graded kind of control over message delivery

[liverpoolfcfan]

Quote:

Originally Posted by umquat

Let me explain myself:

• user@domain is a valid user.
• user-trusted_site@domain is a valid delivery address for a valid user
• user-spammy_site@domain is also a valid delivery address for a valid user

RCPT TO: user-spammy_site@domain WILL NOT deliver

What is the point in keeping user-spammy_site@domain as a valid account on the system is you are not going to allow any mail to be delivered for it ?

Your premise to begin with was that these were "disposable addresses" - so dispose of it, and create a new disposable address of user2-spammy_site@domain for that user instead.

Or am I missing something ?

Even if you create multiple aliases to one account - as long as you use the settings provided as a suggestion - emails for those real and alias accounts will be allowed in. All other emails will be rejected.

If you remove a "has become too spammy" alias to a real account, and create a new "risky site alias" for that account - the emails for the old alias will be discarded for you. Does this not achieve what you want to achieve ?

[fcash]

You misunderstand how postfix handles address extensions.

There is only 1 physical, real account: user@domain.com

However, this user can fill in online web forms using user-whatever@domain.com and all messages to those addresses will be delivered to user@domain.com. (Usually it's user+whatever, but it's configurable.)

NOTE: these are not aliases. These addresses do not exist anywhere on the system. But Postfix will deliver them, as it ignores everything between - and @.

Google Mail also supports this (try sending mail to username+blahblah@gmail.com and it will be delivered to username@gmail.com, with the TO: field set to username+blahblah@gmail.com).

However, there's no "easy" way to block a specific user-whatever@domain.com e-mail at the SMTP level. And the OP is asking for an "easy" way to do so.

[liverpoolfcfan]

Quote:

Originally Posted by fcash

NOTE: these are not aliases. These addresses do not exist anywhere on the system. But Postfix will deliver them, as it ignores everything between - and @.
.

OK. Never knew that. I learned something new today. Thanks

OP - Sorry, I was of absolutely no help :-)

[umquat]

Quote:

OP - Sorry, I was of absolutely no help :-)

jeje NP

I lived with an email-only postfix+kitchensink handcrafted setup for a very long time.

I had some Ruby CLI scripts to point "too spammy" recipients in MySQL tables to oblivion (among many other things). I know how to do this, I've used it for a long time.

This is a very nice feature of the MTA that Zimbra uses, so it makes sense to ask if it could be promoted to a proper Zimbra feature.

If not, I might hack it myself, no biggie.