[GH-ISSUE #593] [Enhancement] Allow blocking senders. #995

New issue

Closed

opened 2026-03-14 11:24:00 +03:00 by kerem · 12 comments

kerem commented 2026-03-14 11:24:00 +03:00

Owner

Copy link

Originally created by @RokeJulianLockhart on GitHub (Feb 9, 2024).
Original GitHub issue: https://github.com/anonaddy/anonaddy/issues/593

I don't want to disable an alias every time spam reaches one, especially because most spam I receive is from the same few addresses (yet can't be unsubscribed from; it's mostly phishing). Consequently, please allow me to block senders per alias, recipient, and account-wide (the 3rd being the most important for me immediately).

Originally created by @RokeJulianLockhart on GitHub (Feb 9, 2024). Original GitHub issue: https://github.com/anonaddy/anonaddy/issues/593 I don't want to disable an alias every time spam reaches one, especially because most spam I receive is from the same few addresses (yet can't be unsubscribed from; it's mostly phishing). Consequently, please allow me to block senders per alias, recipient, and account-wide (the 3rd being the most important for me immediately).

kerem closed this issue 2026-03-14 11:24:05 +03:00

kerem commented 2026-03-14 11:24:11 +03:00

Author

Owner

Copy link

@Cascabel-dev commented on GitHub (Feb 14, 2024):

You should just be able to block the sender from the email, no? When you receive the forwarded mail, it will be youralias+sender=sender.com@yourname.anonaddy.com. So if you block that, you would just be blocking that specific sender, not the alias itself. It would still be great to have a place to do it in the Addy dashboard, but you shouldn't have to deactivate the whole alias. If I am missing something, then please let me know!

<!-- gh-comment-id:1944491008 --> @Cascabel-dev commented on GitHub (Feb 14, 2024): You should just be able to block the sender from the email, no? When you receive the forwarded mail, it will be youralias+sender=sender.com@yourname.anonaddy.com. So if you block that, you would just be blocking that specific sender, not the alias itself. It would still be great to have a place to do it in the Addy dashboard, but you shouldn't have to deactivate the whole alias. If I am missing something, then please let me know!

kerem commented 2026-03-14 11:24:16 +03:00

Author

Owner

Copy link

@RokeJulianLockhart commented on GitHub (Feb 16, 2024):

https://github.com/anonaddy/anonaddy/issues/593#issuecomment-1944491008

@Cascabel-dev, the example you provide would only block the sender from a specific alias. I need it at least account-wide to lessen currently common spearfishing attempts.

Additionally, most e-mail providers I've used (GMail, Outlook, and potentially Proton) appear to check whether a domain is in a whitelist and if not, block the entire domain, when it automatically detects spam from an address.

<!-- gh-comment-id:1948303477 --> @RokeJulianLockhart commented on GitHub (Feb 16, 2024): > https://github.com/anonaddy/anonaddy/issues/593#issuecomment-1944491008 @Cascabel-dev, the example you provide would only block the sender from a specific alias. I need it at least account-wide to lessen currently common spearfishing attempts. Additionally, most e-mail providers I've used (GMail, Outlook, and potentially Proton) appear to check whether a domain is in a whitelist and if not, block the entire domain, when it automatically detects spam from an address.

kerem commented 2026-03-14 11:24:21 +03:00

Author

Owner

Copy link

@willbrowningme commented on GitHub (Feb 16, 2024):

The solution I have in mind for this would only be able to block sends based on the SMTP FROM address (return path) and not the From: header. So it might not be as effective for services using variable envelope return path (VERP).

<!-- gh-comment-id:1948788560 --> @willbrowningme commented on GitHub (Feb 16, 2024): The solution I have in mind for this would only be able to block sends based on the SMTP FROM address (return path) and not the `From:` header. So it might not be as effective for services using variable envelope return path (VERP).

kerem commented 2026-03-14 11:24:26 +03:00

Author

Owner

Copy link

@RokeJulianLockhart commented on GitHub (Feb 16, 2024):

https://github.com/anonaddy/anonaddy/issues/593#issuecomment-1948788560

For those reading, https://stackoverflow.com/a/7874260/9731176 is an easy-to-understand explanation of VERP.

<!-- gh-comment-id:1949438091 --> @RokeJulianLockhart commented on GitHub (Feb 16, 2024): > https://github.com/anonaddy/anonaddy/issues/593#issuecomment-1948788560 For those reading, https://stackoverflow.com/a/7874260/9731176 is an easy-to-understand explanation of VERP.

kerem commented 2026-03-14 11:24:31 +03:00

Author

Owner

Copy link

@RokeJulianLockhart commented on GitHub (Jul 5, 2024):

https://github.com/anonaddy/anonaddy/issues/593#issuecomment-1948303477

@willbrowningme, I've had to put a few senders' messages in spam recently, because specific addresses routinely find new aliases and send mail to them - I can't constantly disable and replace my aliases just for a few specific spammers. However, I really don't want to be inadvertently telling my e-mail provider that the addy.io domain is spam, but without a way to block these senders at this level, I don't see much of an alternative except to utilize my provider's spam filtration feature. Luckily it's Proton, so hopefully the effect isn't as bad as if I were using MSFT, etc.

<!-- gh-comment-id:2211131799 --> @RokeJulianLockhart commented on GitHub (Jul 5, 2024): > https://github.com/anonaddy/anonaddy/issues/593#issuecomment-1948303477 @willbrowningme, I've had to put a few senders' messages in spam recently, because specific addresses routinely find new aliases and send mail to them - I can't constantly disable and replace my aliases just for a few specific spammers. However, I really don't want to be inadvertently telling my e-mail provider that the `addy.io` domain is spam, but without a way to block these senders at this level, I don't see much of an alternative except to utilize my provider's spam filtration feature. Luckily it's Proton, so hopefully the effect isn't as bad as if I were using MSFT, etc.

kerem commented 2026-03-14 11:24:36 +03:00

Author

Owner

Copy link

@willbrowningme commented on GitHub (Jul 6, 2024):

@RokeJulianLockhart Please do not mark any messages forwarded to you by addy.io as spam as it achieves nothing but to harm addy.io's sending reputation.

You can currently use your rules to block emails based on the sender, you could block an entire sender's domain.

You can also forward me the messages and I can look into blocking the spammers completely from the mail servers.

I still do plan to add a global blacklist but as mentioned above this would only work for the SMTP FROM address (envelope sender) and not the From: header.

<!-- gh-comment-id:2211721177 --> @willbrowningme commented on GitHub (Jul 6, 2024): @RokeJulianLockhart Please do not mark any messages forwarded to you by addy.io as spam as it achieves nothing but to harm addy.io's sending reputation. You can currently use your rules to block emails based on the sender, you could block an entire sender's domain. You can also forward me the messages and I can look into blocking the spammers completely from the mail servers. I still do plan to add a global blacklist but as mentioned above this would only work for the SMTP FROM address (envelope sender) and not the `From:` header.

kerem commented 2026-03-14 11:24:42 +03:00

Author

Owner

Copy link

@RokeJulianLockhart commented on GitHub (Jul 6, 2024):

https://github.com/anonaddy/anonaddy/issues/593#issuecomment-2211721177

@willbrowningme, I didn't realize that I could use rules for that. I'll try that. Where is that feature documented, though? I don't see it in bc626e80bfc3e21a8f9ae39fce987a33ad795e2a/README.md#faq. Can you confirm that the undermentioned is correct to block gracexiaomonv@qftechtalent.com being forwarded through k6x2vl0p@rokejulianlockhart.addy.io?

Most importantly, I don't see a way to select the value of X-Anonaddy-Original-Sender. I'm guessing that "Sender e-mail" means Reply-To...?

<!-- gh-comment-id:2211773742 --> @RokeJulianLockhart commented on GitHub (Jul 6, 2024): > https://github.com/anonaddy/anonaddy/issues/593#issuecomment-2211721177 @willbrowningme, I didn't realize that I could use rules for that. I'll try that. Where is that feature documented, though? I don't see it in [`bc626e80bfc3e21a8f9ae39fce987a33ad795e2a/README.md#faq`](https://github.com/anonaddy/anonaddy/blob/bc626e80bfc3e21a8f9ae39fce987a33ad795e2a/README.md#faq:~:text=for%20self%2Dhosting%20addy.io.-,FAQ,-Why%20is%20it). Can you confirm that the undermentioned is correct to block `gracexiaomonv@qftechtalent.com` being forwarded through `k6x2vl0p@rokejulianlockhart.addy.io`? >  Most importantly, I don't see a way to select the value of `X-Anonaddy-Original-Sender`. I'm guessing that "Sender e-mail" means `Reply-To`...?

kerem commented 2026-03-14 11:24:47 +03:00

Author

Owner

Copy link

@RokeJulianLockhart commented on GitHub (Dec 1, 2024):

https://github.com/anonaddy/anonaddy/issues/593#issuecomment-2211773742

@willbrowningme, there's a severe limitation to this method:

You cannot add more than 10 values per condition

...am I expected to make a new blocking rule every 10 blocks?

<!-- gh-comment-id:2510301641 --> @RokeJulianLockhart commented on GitHub (Dec 1, 2024): > https://github.com/anonaddy/anonaddy/issues/593#issuecomment-2211773742 @willbrowningme, there's a severe limitation to this method: > You cannot add more than 10 values per condition  ...am I expected to make a new blocking rule every 10 blocks?

kerem commented 2026-03-14 11:24:52 +03:00

Author

Owner

Copy link

@RokeJulianLockhart commented on GitHub (Sep 1, 2025):

#issuecomment-2510301641

I was rather foolish. Presumably, I'm able to add multiple conditions per rule, OR'd:

That's significantly more convenient. With issues/765, this issue shall be improved.

<!-- gh-comment-id:3242995775 --> @RokeJulianLockhart commented on GitHub (Sep 1, 2025): > [`#issuecomment-2510301641`](https://github.com/anonaddy/anonaddy/issues/593#issuecomment-2510301641) I was rather foolish. Presumably, I'm able to add multiple conditions per rule, `OR`'d: <p></p> <img width="768" height="1128" alt="Image" src="https://github.com/user-attachments/assets/8c701be3-ce5c-4c92-844a-656b41adf726" /> <p></p> That's significantly more convenient. With [`issues/765`](https://github.com/anonaddy/anonaddy/issues/765#issue-3373416760), this issue shall be improved.

kerem commented 2026-03-14 11:24:57 +03:00

Author

Owner

Copy link

@obadz commented on GitHub (Dec 23, 2025):

I'd suggest injecting an List-Unsubscribe header which the server would intercept to add the sender of that email to a special rule called "Block Senders" which which just blocks a list of senders. This would block them across all aliases but I think that's the desirable outcome.

<!-- gh-comment-id:3687873956 --> @obadz commented on GitHub (Dec 23, 2025): I'd suggest injecting an `List-Unsubscribe` header which the server would intercept to add the sender of that email to a special rule called "Block Senders" which which just blocks a list of senders. This would block them across all aliases but I think that's the desirable outcome.

kerem commented 2026-03-14 11:25:02 +03:00

Author

Owner

Copy link

@willbrowningme commented on GitHub (Feb 23, 2026):

This is now possible with the new blocklist feature.

You can also change the "List-Unsubscribe Behaviour" in your account settings to:

Always use one-click block sender email or Always use one-click block sender domain.

<!-- gh-comment-id:3945236628 --> @willbrowningme commented on GitHub (Feb 23, 2026): This is now possible with the new [blocklist](https://app.addy.io/blocklist) feature. You can also change the "List-Unsubscribe Behaviour" in your account [settings](https://app.addy.io/settings) to: `Always use one-click block sender email` or `Always use one-click block sender domain`.

kerem commented 2026-03-14 11:25:07 +03:00

Author

Owner

Copy link

@RokeJulianLockhart commented on GitHub (Feb 23, 2026):

@willbrowningme, thanks. However, I've begun to like your Rules-based approach, because I can decide the exact RegEx, and what I want to do to the received mail. Regardless, I'd require issues/819 to be completed, to transfer them, if I were to want to.

<!-- gh-comment-id:3946388890 --> @RokeJulianLockhart commented on GitHub (Feb 23, 2026): @willbrowningme, thanks. However, I've begun to like your Rules-based approach, because I can decide the exact RegEx, and what I want to do to the received mail. Regardless, I'd require [`issues/819`](https://github.com/anonaddy/anonaddy/issues/819#issue-3979436603) to be completed, to transfer them, if I were to want to.

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

master

v1.5.0

v1.4.1

v1.4.0

v1.3.8

v1.3.7

v1.3.6

v1.3.5

v1.3.4

v1.3.3

v1.3.2

v1.3.1

v1.3.0

v1.2.3

v1.2.2

v1.2.1

v1.2.0

v1.1.0

v1.0.9

v1.0.8

v1.0.7

v1.0.6

v1.0.5

v1.0.4

v1.0.3

v1.0.2

v1.0.1

v1.0.0

v0.14.1

v0.14.0

v0.13.13

v0.13.12

v0.13.11

v0.13.10

v0.13.9

v0.13.8

v0.13.7

v0.13.6

v0.13.5

v0.13.4

v0.13.3

v0.13.2

v0.13.1

v0.13.0

v0.12.3

v0.12.2

v0.12.1

v0.12.0

v0.11.2

v0.11.1

v0.11.0

v0.10.1

v0.10.0

v0.9.1

v0.9.0

v0.8.10

v0.8.9

v0.8.8

v0.8.7

v0.8.6

v0.8.5

v0.8.4

v0.8.3

v0.8.2

v0.8.1

v0.8.0

v0.7.5

v0.7.4

v0.7.3

v0.7.2

v0.7.1

v0.7.0

v0.6.2

v0.6.1

v0.6.0

v0.5.0

v0.4.0

v0.3.0

v0.2.13

v0.2.12

v0.2.11

v0.2.10

v0.2.9

v0.2.8

v0.2.7

v0.2.6

v0.2.5

v0.2.4

v0.2.3

v0.2.2

v0.2.1

v0.2.0

v0.1.6

v0.1.5

v0.1.4

v0.1.3

v0.1.2

v0.1.1

v0.1.0

Labels

Clear labels   

bug

  

pull-request

Mirrored from GitHub Pull Request

No labels

bug

pull-request

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/anonaddy#995

No description provided.