using exim to filter aliases with #exim filter

Our aliases are spammed like any other account, but filtering on them would require making a real account. I wanted to be able to filter aliases without creating accounts for everything. My first solution was to create an account and filter on that one, then using $original_local_part I could forward to a filtered alias. This works but if someone discovers the filtered alias, they can bypass the filtering.

The exim docs suggested that I could have filtering in the aliases but it didn't seem to work and I kept getting this in the logs:

error in redirect data: missing or malformed local part (expected word or "<") in "# Exim filter\n

Looking closer at the docs I found this sentence:

If you are reading the data from a database where newlines cannot be included, you can use the ${sg} expansion item to turn the escape string of your choice into a newline.

Exim isn't interpreting the \n as a newline so it ignores the alias as a filter file. I added the sg to my data part on the alias router and voila, everything works.

data   = ${sg{${lookup{$local_part}dbm{/etc/exim/aliases.db}}}{newline}{\n}}

This sg will take any occurence of the word newline in an alias and translate it into a newline. After that when I deliver -d I see the line being translated...

lookup yielded: # Exim filter newline if $sender_address contains proofpoint-pps newline then newline seen finish newline else deliver newline endif
expanded: # Exim filter
 if $sender_address contains proofpoint-pps
 seen finish
 else deliver

So aliases can be filtered like real accounts this way, you could use the #Sieve filter syntax too but the #Exim filter syntax works well enough for me.

Wordpress category: