1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

How Do I Block One Domain From Sending Email From My Server?

Discussion in 'E-mail Discussions' started by ambition13, Jul 29, 2011.

  1. ambition13

    ambition13 Member

    Joined:
    Jan 24, 2006
    Messages:
    35
    Likes Received:
    0
    Trophy Points:
    6
    Hello,

    I have one user who is getting hacked a lot and the account is sending out spam emails. I want to disable just his account from being able to send mail at all until he can get his script updated or changed. Any way to do this?

    Many thanks.
     
  2. cPanelTristan

    cPanelTristan Active Member
    Staff Member

    Joined:
    Oct 2, 2010
    Messages:
    7,621
    Likes Received:
    4
    Trophy Points:
    38
    Location:
    somewhere over the rainbow
    You can try the following steps. First, in root SSH, run these commands:

    Code:
    touch /etc/blockeddomains
    echo "domain.com" >> /etc/blockeddomains
    Please replace domain.com with the domain name. Do not replace the "" part as that's required, only the domain.com part with the right domain name.

    In WHM > Exim Configuration Editor > Advanced Editor, put the following in the topmost box:

    Code:
    domainlist blocked_domains = lsearch;/etc/blockeddomains
    Locate the "ROUTERS CONFIGURATION" section, and right below these lines:

    Put the following lines:

    Code:
    reject_domains:
    
    driver = redirect
    # RBL Blacklist incoming hosts
    domains = blocked_domains
    allow_fail
    data = :fail: Connection rejected: SPAM source $domain is manually blacklisted.
     
  3. ambition13

    ambition13 Member

    Joined:
    Jan 24, 2006
    Messages:
    35
    Likes Received:
    0
    Trophy Points:
    6
    Wow, talk about a fast response! It seems to be working so far. If I go to re-enable the banned domain is it recommended that I remove all of the things I just added? Or just remove it from the /etc/blockeddomains? Thanks very much.
     
  4. GatorJoshD

    GatorJoshD New Member

    Joined:
    Jul 31, 2011
    Messages:
    1
    Likes Received:
    0
    Trophy Points:
    1
    You can always modify the account in WHM and change the outgoing mail limit to zero.
     
  5. Indianets

    Indianets Member

    Joined:
    Jun 13, 2008
    Messages:
    65
    Likes Received:
    0
    Trophy Points:
    6
    And, this will set the sending limit for this domain to "Unlimited" :p Unfortunately, 0 implies "unlimited" in this contrast, so you are going to remove all the limits set on the server for this domain.
     
  6. Indianets

    Indianets Member

    Joined:
    Jun 13, 2008
    Messages:
    65
    Likes Received:
    0
    Trophy Points:
    6
    You can simply clean the file and let it be there -

    Code:
    echo > /etc/blockeddomains
     
  7. alexmack

    alexmack New Member

    Joined:
    Jul 23, 2010
    Messages:
    22
    Likes Received:
    0
    Trophy Points:
    1
    how can i do this but block all domains except ones i whitelist?
     
  8. SoftDux

    SoftDux Member

    Joined:
    May 27, 2006
    Messages:
    986
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Johannesburg, South Africa
    That's actually a good idea and I would like to know how todo this as well.
     
  9. cPanelTristan

    cPanelTristan Active Member
    Staff Member

    Joined:
    Oct 2, 2010
    Messages:
    7,621
    Likes Received:
    4
    Trophy Points:
    38
    Location:
    somewhere over the rainbow
    You could revise /etc/localdomains file to only have the whitelisted domains and place those other domains into /etc/remotedomains file, which would prevent those domains from being able to properly send. Any domain in /etc/remotedomains file will not be placed back into /etc/localdomains file.
     
  10. dtwyman

    dtwyman New Member

    Joined:
    Feb 27, 2008
    Messages:
    2
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Aliso Viejo, CA
    Hi,

    I tried the ‘blocked_domians’ solution with the latest version of cPanel and it isn’t working. Has anything changed with respect to this solution in the latest version of cPanel? I’m simply trying to disallow my demo user from sending email.
     
  11. cPanelTristan

    cPanelTristan Active Member
    Staff Member

    Joined:
    Oct 2, 2010
    Messages:
    7,621
    Likes Received:
    4
    Trophy Points:
    38
    Location:
    somewhere over the rainbow
    How precisely is it not working? Is it PHP mail() or using sendmail, or it is sending via webmail and/or an email client? Are you receiving any type of error message or otherwise? Please provide as many details as possible. Thanks!
     
  12. dtwyman

    dtwyman New Member

    Joined:
    Feb 27, 2008
    Messages:
    2
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Aliso Viejo, CA
    Thanks for the quick response.

    After implementing the ‘blocked_domains’ solution, I log into the demo account and then into webmail. From there I can send an email. There’s no errors. It just that I can send email from my demo account and so can spammers which is the problem I am trying to solve.
     
  13. SoftDux

    SoftDux Member

    Joined:
    May 27, 2006
    Messages:
    986
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Johannesburg, South Africa

    Can you please update these instructions for WHM 11.32.x?

    The layout has changed a lot
     
  14. cPanelTristan

    cPanelTristan Active Member
    Staff Member

    Joined:
    Oct 2, 2010
    Messages:
    7,621
    Likes Received:
    4
    Trophy Points:
    38
    Location:
    somewhere over the rainbow
    Yes, it has changed to the point that the editor is more difficult to give easy instructions to follow. For example, the topmost box is no longer at the top but towards the middle now. I'll see what I can do.
     
  15. sawbuck

    sawbuck Active Member

    Joined:
    Jan 18, 2004
    Messages:
    1,356
    Likes Received:
    3
    Trophy Points:
    38
    Tristan,

    Just moved to 11.32.3.19 and wanted to confirm the steps we took to re-enable this directive.

    Exim Advanced Editor > Section: CONFIG scroll down to "Add additional configuration setting".

    In the form that appears add:
    Code:
    domainlist blocked_domains = lsearch;/etc/blockeddomains
    Then scroll down to the Section: ROUTERSTART which is below the democheck entry and add:
    Code:
    reject_domains:
    
    driver = redirect
    # RBL Blacklist incoming hosts
    domains = blocked_domains
    allow_fail
    data = :fail: Connection rejected: SPAM source $domain is manually blacklisted.
    Just to double check, tail -f /var/log/exim_paniclog or if you're running CSF and have Log Scanner enabled from the command line run "/usr/sbin/csf --logrun" and check if any errors are reported.
     
  16. leonex

    leonex New Member

    Joined:
    Jan 12, 2012
    Messages:
    23
    Likes Received:
    0
    Trophy Points:
    1
    Hello, this solution don't work. How i can blocked domain for send email from my server on WHM 11.32.4 (build 14)
    Thank you and sorry for my english
     
  17. ruzbehraja

    ruzbehraja Member

    Joined:
    May 19, 2011
    Messages:
    333
    Likes Received:
    0
    Trophy Points:
    16
    Did you try this?
     
  18. leonex

    leonex New Member

    Joined:
    Jan 12, 2012
    Messages:
    23
    Likes Received:
    0
    Trophy Points:
    1
    Hello, thank you for your reply, i ttried but don't work. in exim_paniclog i see this error but iline 99 is emty in exim.conf and not is file /etc/exim.conf.test.work.WOyoSoBtybZBETjw: or similiar file
    this error
    2012-09-07 00:52:00 Exim configuration error in line 99 of /etc/exim.conf.test.work.WOyoSoBtybZBETjw:
    router name missing
    ---
    today i tried again, error don't is and not blocked domain.
     
    #18 leonex, Sep 7, 2012
    Last edited: Sep 7, 2012
  19. sawbuck

    sawbuck Active Member

    Joined:
    Jan 18, 2004
    Messages:
    1,356
    Likes Received:
    3
    Trophy Points:
    38
    Yes. It was working as of 11.32.3.9 but now isn't on 11.32.4.14.

    As was stated in a different thread, removing the domain from /etc/localdomains will also block the domain from sending.
     
  20. leonex

    leonex New Member

    Joined:
    Jan 12, 2012
    Messages:
    23
    Likes Received:
    0
    Trophy Points:
    1
    Please write me link of other thread. Tahnk you
     

Share This Page