Thinking of setting up some email aliases - looking for guidance

maybl8

What aliases do you use?
What is a good best practice?
Does having an alias like info@xxxxxx.com cause you to get more spam or help hackers to get into your server?
Any other suggestions?
Thanks

ETNyx

Spam - truth is that bots and others may automatically guess for example info@ support@ and others. If alias will results in more spam, that is debatable. Usually anti-spam catch those.

Unwanted - Depending on your strategy, it may raise unwanted messages (not spam). People are usually lazy and does not finding right recipient. For example we use info@ as company wide-ish alias, delivering into several mailboxes, about 90% of messages are not for me in any way,… they even asking for specific recipient in body, but they still send to this company mail not to person itself.

Security - no alias not creating vulnerability. You can’t log into system using alias, because it’s not valid user,…

Good practice - This is hard, we use two public facing info@, billing@ and those RFC ask for postmaster@ abuse@,…

As I wrote before info@ is kind of a dump but still can be useful. Let’s say you want company social media page, it’s usually tied to specific user, usual workflow is register to bob@ but what if bob stop working for you? Than media@ or info@ is better. Or sharing one company account somewhere, those pesky 2FA over mail, problem solved.

billing@ has proven to be good. It always target accounting@ it’s real mail used as storage and history and john@ real person that change several times in last years,… This way you do not forcing your customers to change address for billing purposes.

That’s me,… looking for stories from others :-)

mlcwuser

In my opinion, if you own a domain, the only aliases or mailboxes you really need are hostmaster@domain.tld and maybe admin@domain.tld. In my setup, hostmaster is an alias for the admin@domain.tld mailbox. I would only use something like info@domain.tld if I actually had a website, webshop, sent out newsletters, or somehow needed an official contact address where it is expected that I actively reply to customer/user requests.

Everything else is entirely up to you. Personally, I’m not a big fan of using separate aliases per service. It’s too much effort and, in my opinion, increases the risk of losing access to an account if something goes wrong. Instead, I’d maybe use two or three aliases at most:

firstname.lastname@domain.tld (or similar) for personal communication
something like shopping@domain.tld or services@domain.tld for paid external services that already have your personal data anyway
a separate provider like Proton Mail for forums and other low-importance services.

esackbauer

mlcwuser
I think postmaster@domain.tld is far more important than hostmaster@domain.tld

RFC‑mandated: RFC 5321 (and earlier RFCs) require that any SMTP‑capable host must accept mail to postmaster@domain, making it a standard technical contact for email‑infrastructure issues.
Reputation and trust: Mailbox providers and other operators expect a working postmaster mailbox; missing or non‑responsive postmaster can hurt your domain’s reputation

mlcwuser

You’re right, of course, I mixed up hostmaster and postmaster. 🤦

And yes, as far as I know, postmaster@domain.tld, it’s the one address that’s actually mandatory if you have a mail server.

I still have ‘hostmaster@domain.tld’, but only because I host my own DNS. Don’t ask why. 😉 I originally had that because I was using Mail-in-a-Box, and when I later switched to Mailcow, I set up my own NSD name servers. That’s probably not something I’ll keep doing forever, though.

Personally, I don’t host a public website, and the services I run are only for personal or family use. Because of that, I only use the following administrative aliases:

abuse@domain.tld (recommended but not strictly mandatory)
postmaster@domain.tld (this is the one that is mandatory for a mail server 😉 )
hostmaster@domain.tld (only relevant if you host your own DNS).
admin@domain.tld (this is the actual mailbox that the above are aliases of).

In addition, I have:

These are used for the respective email security reports.

Ultimately, all of these addresses are aliases of the main admin@domain.tld mailbox on the domain on which the mail server runs.

ETNyx

Also check mail+alias@ function in MC (Gmail have it too). It’s fantastic 👍️

DocFraggle

https://docs.mailcow.email/manual-guides/mailcow-UI/u_e-mailcow_ui-sub_addressing/

maybl8

Thanks everyone for this helpful info. I will be implementing some of these on my server.
Do you setup the postmaster as lern as spam or learn as ham in the settings?

Figured this out . Just put my email address in the Goto address