Just sharing ideas. I hope this is the correct forum.

As a form of spam-blocking, a friend and i came up with a solution for my box. Basically, there are two rules.

1) Block all external mail from reaching my domain. E.G. anything sent to *@example.com is rejected.
2) Reroute all mail to subdomains to the local user of the same name:
Bob@Bob.sample.com redirected to Bob@sample.com
Linode@Bob.sample.com redirected to Bob@sample.com
Bob@sample.com blocked.

All local mail still routes properly, with no need for the sub-domain. And, this has removed all the spam i used to get, as thankfully, spambots that check random hosts do not seem to check subdomains.

To accomplish this, MX records were added for the sub-domain, and exim-4 was installed. The following two modifications were made:

file: /etc/exim4/conf.d/acl/30_exim4-config_check_rcpt
Added:
deny
domains = example.com

This rules blocked all external incoming mail to the domain.

Then we created the following file:
/etc/exim4/conf.d/ rewrite/99_exim4-config_example_rewriting

And added the rule:

\N^.*@([^.]+)\.example\.com\N $1@example.com T

This works beautifully.

This now allows me to give any email address to anybody i want. Should i get spammed to a specific address, just blacklist it. If i get random spam, i may need to switch to a whitelist. I sure hope that doesn't happen.

To finish my setup, i'm using cyrus and squirellmail.

I would like to make a modification somewhere, if possible. I want to have to "To:" header to be the incoming address. That is, if John Doe emails me, i may give him the address john.doe@bob.example.com (which would get gets re-routed to bob@example.com), i would want the from address (or at least the reply-to) to be john.doe@bob.example.com.

Just a warning... this sort of configuration is nice and flexible. But it's not the spam deterrent you seem to think it is.

A number of ISPs allow this sort of thing. It doesn't stop spamming, and indeed can act as a spam magnet. All it needs is for "bob.example.invalid" to get into a spam list (eg you've signed up to a service and they sell your address; a usenet post; a reference on a web site; something!) and for a wildcard spammer to try MANY_ADDRESSES@bob.example.invalid and poor Bob gets all that mail.

Panix Internet (new york's oldest independent ISP) does something similar and they do see wildcard spam for these domains. Not so much as on their primary domain, but some.

A nice side effect of this sort of configuration is that you can give out different addresses to different people (eg bestbuy@bob.example.invalid) and filter (using procmail maybe) mail automatically into folders. And you can tell if someone has sold your address

_________________
Rgds
Stephen
(Linux user since kernel version 0.11)

Thanx for the reply.

I have been doing this for just over a year now, and it looks like a good setup.

I am worried about wildcard spamming, but i am assuming i can switch to a white-list at that point.

I am slow slow in implementing things. Or rather, slow in getting a friend of mine to implement them.

We just started looking at adding a new header like X-Original-To or X-Envelope-To to refer to the envelope's "To" header.

The problem is, as he explained after looking at it, since the "To" header has been rewritten, the filters don't seem to be able to grab the original. And the rewrites themselves don't have the ability to add the header.

The question is, is there a way in exim to rewrite to envelope's TO and store the original TO in a header in the message?