Previously, whenever I gave out an email address to an organisation, no matter how trustworthy they might seem, I created a specific email address for them. Eg, if I entered a competition run by Dixons, I might give them “dixon-competition@grepular.com“. I did this to protect my main email address in case the organisation I give the address to leaked it or abused it, either maliciously or accidently.
This was a bit of a pain though because it involved me having to configure up a new address each time I wanted to sign up for something. I didn’t want a catchall configured because I would end up receiving large amounts of spam. So I came up with a new idea which is, automatically expiring email addresses.
I wanted to be able to hand out email addresses of the format “YYYY-MMM-DD@tmp.grepular.com“ without having to create new aliases each time. These email addresses would work until the date YYYY-MMM-DD was reached. So for example, if today is the 3rd of June 2009 and I enter an online competition that ends in one month, and I know there will be no further email correspondence regarding the competition after two months, I just give them an email address which will work for the next two months and then stop working: 2009-Aug-03@tmp.grepular.com.
In my Exim acl_smtp_rcpt acl, I have the following:
deny domains = tmp.grepular.com
set acl_m0 = ${sg{$local_part}{\N[/\.]\N}{-}}
set acl_m0 = ${if match{$acl_m0}{\N^(\d+)-(.{3})-(\d+)$\N}{\
$1-\
${extract{x$2}{\
xJan=01 xFeb=02 xMar=03 xApr=04 xMay=05 xJun=06 \
xJul=07 xAug=08 xSep=09 xOct=10 xNov=11 xDec=12\
}}-$3\
}{$acl_m0}}
condition = ${if !match{$acl_m0}{\N^20\d\d-(0\d|1[0-2])-([012]\d|3[01])$\N}}
message = Bad recipient address: $local_part@$domain
deny domains = tmp.grepular.com
condition = ${if <{${sg{$acl_m0}{-}{}}}{${sg{${sg{$tod_log}{ .+}{}}}{-}{}}}}
message = $local_part@$domain has expired
log_message = Expired address: $local_part@$domain
accept domains = tmp.grepular.com
With the above configuration, if I wanted to give a company an email address that they could send me email to until the 3rd of June 2009, all of the following work:
2009-Jun-03@tmp.grepular.com
2009/Jun/03@tmp.grepular.com
2009.Jun.03@tmp.grepular.com
2009-06-03@tmp.grepular.com
2009.06.03@tmp.grepular.com
2009/06/03@tmp.grepular.com
Strictly, my configuration would allow for things like “2009/Jun-03@tmp.grepular.com“ as well, but I tend to stick to the “2009-Jun-03” format.
If an address is ever abused which is far in the future, eg with a local part of “2020-Jan-01” I can always just put in a rule to block email to that alias. That would require a targetted malicious attack against me though because I don’t give out such addresses. I could also just change the domain from “tmp.grepular.com” to something else, or add more data to the local part, eg “Expires-2009-Jun-03@tmp.grepular.com“
Want to leave a tip?You can follow this Blog using RSS. To read more, visit my blog index.