Matus UHLAR - fantomas via Postfix-users <postfix-users@postfix.org> wrote:
>
> Mozilla supports multiple identities on the same mailbox, even using
> different sending server/mailbox.
> So, with mozilla you can have the same result with both alias and mailbox.
> However, this may not apply to other clients, where separate account may be
> needed.
Adding email aliases to an email client doesn't make sense because there are
just too many and I wouldn't want to have to pick one. Last count I had ~2500
records in my password manager (not all emails/logins...but most).
I'm also someone that uses a catch-all in order to give out unique email to
every website I have to give my email to. Enables me to see who is selling my
address and then blackhole specific addresses if they start getting a bunch of
spam. Don't get me started on hashed emails as the new
advertising/cross-device IDs.
I've also thought about the outgoing problem as well. In addition to revealing
my real email, it also causes problems when "clever" companies are using my
From address as some sort of awesome security check ("please write us from your
registered account email, because this proves it is really you").
I haven't implemented it yet, but my plan was the following...
- incoming milter to build record of From/Reply-to (evil company) to To
addresses (my aliases). This milter would just store this in a db (memcached
or redis).
- outgoing milter - looks at the To address, does a lookup in the db and then
re-writes the sender
Having the pair of milters solves (sorta) the "which alias to reply from"
problem based on recency.
There are a lot of edge cases here that would require some thought...
- what happens when you reply-all and there are multiple To addresses? Which
one should be used for the lookup? You may have received email from multiple
of them in the past at different aliases. I guess you could avoid batch
delivery and send to each of them individually with different alias. But what
about the ones that don't yet have an alias...what alias do you use?
- what happens if a given company has multiple emails for you and you reply to
an older email? likely you use the most recently stored alias mapping which
may not reflect the alias that was used on the mail you actually replied to.
A more robust solution would be an email client that supported this by parsing
the original email headers (from evil company) and adding a header on the reply
that could be used (and stripped) by a milter to deterministically reply with
the right alias. But if you want to use off-the-shelf email clients and have
this also work from your phone and computer, etc...not going to be a realistic
option.
So then I start thinking about caching message IDs and doing it on that level
rather than cached From/Reply-To addresses...but then the database gets much
bigger...but if you don't often reply to old email, you could dispose of
records based on recency and just accept not hiding your email if you reply to
emails older than X days.
Another thought...what about email that you send (support@evilcompany) where
you don't have a relationship with them yet (nothing in db)? Outgoing milter
could theoretically generate an alias for you based on company domain or
something and store it in the db so you use the same one in future
communication.
What about on a domain level rather than on an email@domain level? Exceptions
for gmail, proton, etc?
I'm also not totally sold on any of these approaches, so happy if someone has a
clever idea.
_______________________________________________
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
