Rejecting all except certain addresses

bjrubble

Registered
Jul 7, 2004
3
0
151
I realize this is more an administrator forum than a user forum, but as a user I found the relevant documentation so uselessly superficial that I wound up here. Plus, I spent so much time working this out that I felt it worth posting.

I have my own domain, in which I have a couple specific email addresses that I use, and then a bunch of trackable addresses that I make on the fly for use with various websites, ie.
[email protected]
[email protected]
then
[email protected]
[email protected]
etc.

The idea being that if I start getting spam at [email protected], then I know who sold me out.

Then I have my default address set up as [email protected], so I can receive all my email at one place. Pretty basic scheme, I know a lot of people use this.

The problem is that I also receive everything else @domain.com, and spammers have started having a field day with this.

So, what I needed was to set up a filter that rejects everything except certain addresses. But since my on-the-fly addresses could be anything, this was basically impossible. So I changed my on-the-fly scheme to incorporate a common prefix, so then I use
[email protected]
[email protected]
etc.
(using some arbitrary prefix, here "ns_" as in "no spam")

If cpanel could filter out according to a regex, this would be easy, you'd look in the To: header for
Code:
(lobster|website_contact|ns_.*)@domain.com
and reject anything that didn't match. But cpanel makes it harder, so here is the relevant regex (for the To: header):

The \\\\ is how you have to escape backslashes, apparently -- they get unescaped twice in process, so these turn into a single backslash in the final regex. (Any cpanel documentation writers listening?)

The regex basically translates to:
1. Match the beginning of a word (\\\\b)
2. Negative zero-length forward assertion that the next characters don't match a valid address pattern (?!([email protected]|[email protected]|ns_))
3. At this point, we know this isn't a valid address, but it could be any other piece of the To: header (a name, an address at another domain, etc). We want to make sure that this is an invalid address at this domain. (\\\\[email protected])

Anyway, hope this helps somebody. Also, so far I just have this redirecting my mail rather than rejecting it because I don't trust it entirely, so I'm hoping that some regex experts might look at it and point out any flaws.

PS. This actually works better than filtering out non-matches, since this won't reject mail that I get Cc'ed or Bcc'ed on -- as long as there isn't an invalid email address on the To: line, I'll get it.