Wildcard Email Addresses with Self-Hosted Postfix

Display mode

Back to Quick Hacks

If you've ever received spam to your email (and if you've had an email address for more than ten minutes, you've had spam) it can be difficult to find out how the spammers got hold of your address. If you have a domain name of your own, some interesting tools open up that can help to determine the provenance of spam, and from where the spammers get their databases; the tool this article covers is wildcard email addresses.

For example, many years ago I signed up to TV Tropes (probably to post a comment on some trope page). At some point, TV Tropes suffered a data breach and their user database was lifted, including email addresses, which means to this day I get emails like the following:

From: "Equipe RH" <rfgfx@[redacted]>
To: <tropes@imrannazar.com>
Subject: I RECORDED YOU!
Date: Thu, 13 Oct 2023 15:27:47 +0330

Hello there!

Unfortunately, there are some bad news for you.

Some time ago your device was infected with my private trojan,
R.A.T (Remote Administration Tool), if you want to find out more about
it simply use Google.

My trojan allows me to access your accounts, your camera and microphone.
[cut, but you get the idea]

So tropes@ gets routed to my inbox; in fact, anything @ my domain gets routed to the same inbox. This is what is meant by the term wildcard above: any value is a match. As well as allowing for spam provenance like the example above, this also helps with email filtering: if you're dealing with a certain company by email, your account email address can be thatcompany@yourdoma.in and your preferred email client can automatically filter any mail received to that address, into the appropriate place.

If you've purchased a domain, there are levels of email service available to you: one is fully-hosted service, where the Big Providers like Microsoft and Google offer the ability to use their servers for all email handling, so your domain essentially falls under their control for email purposes.

Configuring Postfix

At the other end of the spectrum is the self-hosted mailserver, where a machine under your control handles and stores email for the domain. For this quick note, we'll be installing and configuring the Postfix mail package on a Debian Linux machine. The Debian Wiki has a useful guide on installation and post-install steps like configuring DKIM and greylists, but it boils down to apt install postfix for our purposes.

The above guide has a section on aliasing, where emails to one address get automatically forwarded to another. We'll be setting up a wildcard alias, which involves a couple of steps; first is to add an aliases file.

Adding an aliases file

echo "*: youracct" >> /etc/aliases
newaliases

Configuring postfix to use the aliases

postconf -e "alias_maps = hash:/etc/aliases"
postconf -e echo "alias_database = hash:/etc/aliases"

This enables postfix to treat any incoming address as though it were coming to a user of that name, but we'll also need to add a virtual alias for the domain routing:

Adding a virtual alias map

echo "yourdomai.in magic" >> /etc/postfix/virtual
echo "@yourdomai.in youracct" >> /etc/postfix/virtual
postmap /etc/postfix/virtual

Configuring postfix with the virtual map

postconf -e "virtual_alias_maps = hash:/etc/postfix/virtual"
service postfix reload

And in theory, we're done: email sent to any address at your domain should now land in your local mailbox. Delivery of the mail to your client of choice through IMAP is outside the scope of this quick hack, but I've used dovecot for a good while, and haven't had any issues.