[email protected]: > Hello, > > I'm not sure what I should do with bounce messages from aliased addresses. > > If X is the sender of a message to A what is an alias for B and my MTA > can't deliver the message to B for some reason, my MTA creates a > bounce messages and sends it to X. > > The bounce message contains informations like: > <B> (expanded from <A>): host HostB [IP] said: .... > > I, or rather the user, don't want that X can see the address B or > other informations, like HostB, it's IP or whatever. > > So what is common to do, how did you solve this problem? > (I think I'm not the first with this problem.) > - I can't send it to A/B because there are some problems. > - I can't send it to X because X must not see the alias A > B. > - I'm not going to send it to the postmaster. > > I could filter all bounces, extract the address B or the alias A > B > and find out this way if it is a bounce for an alias. Then I could > send a new bounce to X with less informations. What do you think about > this?
You can sanitize reject responses that Postfix receives from down-stream MTAs, by using reject_unverified_recipient before accepting mail, and by using unverified_recipient_reject_reason to hide reject replies from down-stream MTAs. Details about this are in http://www.postfix.org/ADDRESS_VERIFY_README.html. Of course that won't sanitize bounce messages due to delivery errors after the down-stream MTAs accept the message. If you want 100% certainty that the hidden address never leaks out, then you will have to build your own email infrastructure. Wietse
