If you have an email address, then it’s almost certain that you’ve had to type it into at least one online form. And if you’re like most, you’re required to do it on a regular basis.
One way to help track whether that email address gets shared (and to be able to block mail to your email address if it gets shared with spammers) is to use an email address with an address tag instead of your regular email address.
How Address Tagging Works
Address tagging works like this:
- Your email address is [email protected].
- Cindy’s Hula Hoop Factory asks for your email address to to process your order.
- You enter [email protected] as your email address.
- Any email sent to [email protected] automagically gets delivered to your normal email account.
- If you start to get SPAM at [email protected], you can take any number of steps to block or filter all mail sent to that account and report Cindy as a spammer.
Configuring Postfix to Allow Address Tags
If you’re using Postfix as your mail server, telling Postfix to allow address tagging (step 5 above) is simple. Just set up a recipient delimiter by adding the following line to your /etc/postfix/main.cf file:
recipient_delimiter = +
then reload Postfix with:
postfix reload
Now, if a message comes in that is address tagged for [email protected], Postfix will then attempt to match [email protected] before [email protected] in most tables, and the local delivery agent will try to match user+extension before user when looking up aliases or .forward files. So if you don’t set up any specific mappings for user+tag, then the message will simply be delivered to user.
Choosing the Right Recipient Delimiter
Most people are familiar with the plus symbol (+) as the most commonly used recipient delimiter. However, during a recent discussion on the Postfix user list, it was mentioned that some websites (particularly banks) use JavaScript to try and validate email addresses when they are entered into online forms, and that many don’t allow the plus symbol as a valid character in an email address.
They do, however, seem to prefer the minus symbol (-) so I’ve modified my recipient_delimiter parameter in /etc/postfix/main.cf to read:
recipient_delimiter = -
Then I use [email protected] whenever I’m asked to provide my email address online.
Using your Address Tags
Once your recipient delimiter is set up, you can attach use any custom tag you wish to your email address to track how that email address gets used. If that tagged address gets compromised by spammers, you can then take simple steps to block that address in SpamAssassin, while still allowing mail to your regular address to come through. It’s best to use an address tag descriptive enough to let you know where you originally used it, and to use a different tag for each company or website that requests your email address.
Happy address tagging!
For more info on the recipient_delimiter parameter, you can view the official Postfix documentation for it here.
Thanks to Wietse Venema and Simon Brereton.