1

Topic: how to invalidate email on catch-all domain?

a friend of mine has a catch-all domain on my iredmail server. due a lot of hacking and datastealing a email address of him has now a increased spam rate. quite a lot spam mails are delivered to the inbox without being dropped from the spam filter.
the one email address he was using, was compromised multiple times in hacks (https://haveibeenpwned.com/) so he wants to deactivate only this email address while keeping the rest of the domain as catch all.

where is the right location to do that? of course i can simple add a sieve rule to move the matching email address to spam, but as it was a legitimate email, it would be good to return something like the official "mailbox does not exist" mailerdeamon message.

where to do that? postifx, dovecot, sieve, ... ?
it it even possible?

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2

Re: how to invalidate email on catch-all domain?

c33s wrote:

he wants to deactivate only this email address while keeping the rest of the domain as catch all.

Impossible. If you remove this address, then it will be caught by catch-all.

If your friend's mail domain is for personal use, it's better explicitly created the mail addresses he uses, and disable catch-all completely.

3

Re: how to invalidate email on catch-all domain?

it's better explicitly created the mail addresses he uses, and disable catch-all completely

thats not possible, the catch-all is required, because he uses many different addresses and addresses he "creates" on the fly. creating them all manually is not an option. emails also have different patterns so they get delivered to a different folder. he uses it together with https://github.com/absorb-it/Virtual-Identity where thunderbird (sadly not the newest version) is able to reply with that email address the mail was written to.

like having a firstname@example.com real iredmail account with a setup catch-all, giving a custom address to an online shop "shopname-acquisition@example.com" leads to an email delivered into "acquisition" inside the "firstname" account. pressing on reply in thunderbird leads to sending an email with the account "firstname@" but from "shopname-acquisition@"

so if such emails gets compromised it is a must to close/lock it.

for example foodora got a databreach https://haveibeenpwned.com/PwnedWebsites#Foodora

his email in this case would be "foodora-acquisition@example.com", now it would be good if he can log into his foodora account and change the email to "foodora2-acquisition@example.com" and put "foodora-acquisition@example.com" on a blacklist so the mailserver acts as if the email account does not exist.

is this completly not possible or only currently not implemented? where could such a feature be handled/implemented?


but it would be important to