Exim/SmartCatch
One great thing about having your mail server is to have an infinite number of email addresses. This is great to protect against spam. Eg. you give the address sitename@example.com to a website. If this address starts to receive spam, you know who sold it and you can easily block it.
A common way to implement that is through a catchall address: all the emails to any address will end up in your box. The issue is that spammer are sending spam to random addresses and your smart idea to avoid spam will become an enormous spam trap.
Here we will configure addresses with embedded hash-code so only you can generate new addresses. The addresses will looks like sitename-rtx@example.com.
Generate secret
The first step is to generate some secret. This will be used both for generating your addresses and validating them.
$ </dev/urandom tr -dc A-Za-z0-9 | head -c8; echo
AwatgLfG
As the name indicate, this must stay secret. Anybody with this secret will be able to generate valid email addresses for your domain.
Validate Address
Create file /etc/exim4/conf.d/router/440_smartcatch
smart_catch:
debug_print = "R: smart_catch for $local_part@$domain"
driver = redirect
domains = +local_domains
condition = ${if eq{${substr_0_3:${md5:${substr_-4:$local_part}@$domain@AwatgLfG}}}{${substr_-3_3:$local_part}}}
data = yourrealemail@example.com
retry_use_local_part
headers_add = X-smartcatch: true
Replace AwatgLfG
in the condition with the secret that you generated above. Also replace your email.
The line header_add
is only there to help debugging. It can be safely removed.
Reload exim config
# systemctl reload exim4.service
Generate Addresses
fcgiwrap
# apt install fcgiwrap