Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Block incoming emails from domain

Discussion in 'E-mail Discussions' started by DennisMidjord, Aug 1, 2017.

Tags:
  1. DennisMidjord

    DennisMidjord Well-Known Member

    Joined:
    Sep 27, 2016
    Messages:
    115
    Likes Received:
    7
    Trophy Points:
    18
    Location:
    Denmark
    cPanel Access Level:
    Root Administrator
    Is it possible to block incoming emails from a specific domain? Some of our users have setup contact forms without captchas and are being targeted with spam from a list of @qq.com emails. Is it possible to block emails from this domain completely?
     
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    41,475
    Likes Received:
    1,610
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
  3. DennisMidjord

    DennisMidjord Well-Known Member

    Joined:
    Sep 27, 2016
    Messages:
    115
    Likes Received:
    7
    Trophy Points:
    18
    Location:
    Denmark
    cPanel Access Level:
    Root Administrator
    That's seems easy.
    Code:
    if ("$h_from:" contains "@qq.com")
    then fail
    endif
    Would that do it?

    Also, just to be clear - would blocking all incoming messages from @qq.com accounts be a bad thing? I've never seen a legitimate email coming from any account with the qq.com domain.
     
  4. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    41,475
    Likes Received:
    1,610
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello,

    I don't see any harm in blocking all messages from a specific domain name if you know there is no legitimate mail sent from it. Here's an example of how the filter rule should look like:

    Code:
    if
     $header_from: contains "@qq.com"
    then
     if error_message then save "/dev/null" 660 else fail "Messages from this domain are blocked." endif
    endif
    Thank you.
     
    John W likes this.
  5. t4x0n

    t4x0n Registered

    Joined:
    Dec 14, 2017
    Messages:
    1
    Likes Received:
    0
    Trophy Points:
    0
    Location:
    Concepción, Chile
    cPanel Access Level:
    Root Administrator
    Hello,

    in case I need apply this rule to more than one email address or domain, is possible add more lines between "if" and "then"? or what is the method for that?

    Thank you!
     
  6. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    41,475
    Likes Received:
    1,610
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Yes, you'd just insert it using "OR" like this:

    Code:
    if
     $header_from: contains "qqq.com"
     or $header_from: contains "zzz.com"
    then
     if error_message then save "/dev/null" 660 else fail "Messages from this domain are blocked." endif
    endif
    
    Thank you.
     
    EneTar likes this.
  7. EneTar

    EneTar Well-Known Member

    Joined:
    Dec 19, 2015
    Messages:
    121
    Likes Received:
    6
    Trophy Points:
    18
    Location:
    Greece
    cPanel Access Level:
    Root Administrator
    To block Hosts or Host ips we should use $sender_host_address or $received_ip_address instead of
    $header_from ?
     
  8. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    41,475
    Likes Received:
    1,610
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello,

    Per Exim's documentation:

    However, you should still be able to use the "Any Header" option with the "contains" operator to achieve the same thing (e.g. Any Header contains 10.1.1.1).

    Thank you.
     
    EneTar likes this.
  9. EneTar

    EneTar Well-Known Member

    Joined:
    Dec 19, 2015
    Messages:
    121
    Likes Received:
    6
    Trophy Points:
    18
    Location:
    Greece
    cPanel Access Level:
    Root Administrator
    Can you please describe how to modify this so that the email is discarded silently with no bounce message to the sender?
     
  10. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    41,475
    Likes Received:
    1,610
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    In this case, the rule would look something like this:

    Code:
    if
     $header_from: contains "abc.tld"
     or $header_from: contains "123.tld"
    then
     save "/dev/null" 660
    endif
    
    Note can create filter rules in cPanel (using a test account) and then view them from the command line as a method of determining which filter rules to utilize.

    Thank you.
     
    EneTar likes this.
Loading...

Share This Page