Bounce selected users in virtual domain with Postfix?
In my continuing quest to manage my server better, I'm tackling some mail issues. Here's the quick overview of my situation:
I have a domain hosted at an ISP. I have two virtual domains being served (is this the correct term?) from the main site. I am the sole receiver of emails to the virtual sites, though I have various addresses there. I have an account on the main site (let's call it domain.com), which was so overloaded with spam, it's now in the trash (I think).
In /etc/aliases, I have this line:
<old-account>: |"exit 67"
which is bouncing all emails to the account <old-account>@domain.com. So far, so good.
Now, the _new_ domains are being hosted virtually like so (from /etc/postfix/virtual):
So far, so good. Here's the catch. I have two email address on the new server which are already corrupted (spammers) and I want them to bounce also. All emails to @virtual1.com and @virtual1.net go to one account on the domain.com site. How/where can I override for _select_ "users" in the virtual domains, like this:
firstname.lastname@example.org <should bounce>
email@example.com <should bounce>
If, in /etc/aliases, I try to say:
<corrupted1>: |"exit 67"
it's interpreted as <corrupted1>@domain.com, not as @virtual1.com
I've read all the Postfix configurations, examples and FAQs I can find and so far, nothing covers this question.
Easiest thing to do is to not have the user that is being spammed. That way Postfix will outright reject it.
Did you ever find how to execute a command on a virtual mailbox?
If my domain is example.com (and .net), and my user account is firstname.lastname@example.org (remember my example.com and .net are virtual domains served by host.net), then I can create any email address with the following format:
Why? This lets me remove that single address should this company sell it and cause a spam overload. Also, I can more easily sort my mail into folders because I know who it's addressed to.
So the issue, to deal with the spammers who are sending fake email addresses using my domain name (and therefore getting bounces, etc, sent back to my host for my email filters to struggle with), is how to tell Postfix as early as possible "these addresses are total fakes"!
I've got a bunch of entries in /etc/postfix/recipient-access that look like this:
Some of them still get through. I'm hoping that the email addresses I've had to throw away because of spam can be "cleaned" by a quarantine period in here....I haven't proven that yet.
I'm still looking for a spam-foiling rule that will get the <alphabet-soup>@example.com addresses to bounce.
Since I wrote the first post, we've had to change (just this week) the server in our home which was retrieving mail, serving the internet and acting as a firewall. In the process, I moved to having my home computer retrieve the mail from my host.com site using the command fetchmail (use fetchmailconf to configure---very easy!).
I haven't had a chance yet to see if that will facilitate my spam-trapping. I think first I should check for upgrades to SpamAssassin and see how much that helps. I do have an extensive list of procmail filters which keeps most of the spam on the server for me to delete manually, instead of burning bandwidth to bring it down to my home computer.
My apologies for rambling so much. I've learned (from the searching-for-an-answer side of the scene) that having someone over-explain helps me to find answers!
I found out how to do it.
Create a service in master.cf and use transport to redirect addresses and domains to that service :D
While this would work (as far as I know), I'd like to provide as little help to the spammers as possible. As I understand it (and since I'm not a professional in the field, I could be wrong!), REJECT just drops the incoming email with no further action. Bounce will send the message back to the sender---which is usually faked anyways and means some other poor innocent soul's domain is getting buried under the bounces coming in. Plus, bounce also requires my host.com server to do more work---and during a flurry of spammer activity, can actually bury a server pretty deeply.
I'm definitely always looking for ways to improve my set-up---especially as time goes on and I become the go-to person in my household/domain for email issues---so I appreciate any further insight into the situations of virtually hosted domains.
|All times are GMT -5. The time now is 05:30 PM.|