The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Blocking all cpanel users from emailing specific domains/email accounts

Discussion in 'E-mail Discussions' started by dusanf, May 20, 2016.

  1. dusanf

    dusanf Member

    Joined:
    Jul 22, 2009
    Messages:
    17
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    DataCenter Provider
    Hi,

    What I`m trying to pull out is to prevent all cPanel users from specific dedicated server to email a specified, pre-made, list of domains or email addresses. This is to avoid spam traps and similar.

    I came across a lot of topics for my issue on this forum and other forums but none had answer to my question fully.

    Has anyone succeeded doing this?

    This does seam like a good place to start How to Customize the Exim System Filter File - cPanel Knowledge Base - cPanel Documentation but i`d like to hear some more opinions first.
     
  2. sarath8372

    sarath8372 Active Member

    Joined:
    Jan 6, 2015
    Messages:
    35
    Likes Received:
    5
    Trophy Points:
    8
    Location:
    Kochi, India
    cPanel Access Level:
    Root Administrator
    Hello,

    If you are trying to block outbound spam mails, you can try enabling scan outgoing mail with Apache SpamAssassin option in Exim configuration. Please see : Scan Outgoing Mail - Documentation - cPanel Documentation

    Also you may create an exim filter with something like below :

    Code:
    if $header_to: contains "@domain.com"
    then
    fail text "Your message to inform email users about the problem..."
    seen finish
    endif
    if not first_delivery
    then
    finish
    endif
    Hope this helps..
     
    dusanf likes this.
  3. dusanf

    dusanf Member

    Joined:
    Jul 22, 2009
    Messages:
    17
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    DataCenter Provider
    Hi,

    We have a dating site and users often submit invites to their entire contact list to register but that often gives negative effects and spam reports so we are looking to block certain domains for example.

    Could you please tell me how would custom exim rule look like for multiple domains, I guess like this:

    Code:
    if $header_to: contains "@domain.com"
    then
    fail text "Your message to inform email users about the problem..."
    endif
    if $header_to: contains "@domain2.com"
    then
    fail text "Your message to inform email users about the problem..."
    endif
    
    and so on and so on...
    
    I will check apache spam assassin option for outbound, thanks!
     
  4. sarath8372

    sarath8372 Active Member

    Joined:
    Jan 6, 2015
    Messages:
    35
    Likes Received:
    5
    Trophy Points:
    8
    Location:
    Kochi, India
    cPanel Access Level:
    Root Administrator
    You can use or/and operators instead of writing filter rule, action/message for each domain. Pasting below a sample filter (tested and working).

    Code:
    if ("$h_to:, $h_cc:" contains "@domain.com")
    or ("$h_to:, $h_cc:" contains "@domain.com")
    then
    fail text "Your message to inform email users about the problem..."
    seen finish
    endif
    if not first_delivery
    then
    finish
    endif
     
  5. dusanf

    dusanf Member

    Joined:
    Jul 22, 2009
    Messages:
    17
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    DataCenter Provider
    Thanks, that clarifies things to me a lot, do you maybe know is it possible to provide that filter path to a file that will containt list of mail addresses or domains? I have a lot of emails and domains on my list I wish to block
     
  6. sarath8372

    sarath8372 Active Member

    Joined:
    Jan 6, 2015
    Messages:
    35
    Likes Received:
    5
    Trophy Points:
    8
    Location:
    Kochi, India
    cPanel Access Level:
    Root Administrator
    Here you go :)

    Code:
    for i in `cat /root/block_list.txt` ; do
    if ("$h_to:, $h_cc:" contains "$i")
    then
    fail text "Your message to inform email users about the problem..."
    seen finish
    endif
    if not first_delivery
    then
    finish
    endif
    done
    Create the filter file in folder : /usr/local/cpanel/etc/exim/sysfilter/options/ and once created, rebuild exim conf.

    Code:
    /scripts/buildeximconf
    Note : Make sure to replace the fail message with your custom message. You can add domains or email addresses in the block list file.
     
    dusanf likes this.
  7. dusanf

    dusanf Member

    Joined:
    Jul 22, 2009
    Messages:
    17
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    DataCenter Provider
    Damn, you are good :) Thank you very much, I will test this tomorrow or day after and let you know how it went.
    I'm very new to exim custom scripting and this helps me a lot, thanks again!
     
  8. dusanf

    dusanf Member

    Joined:
    Jul 22, 2009
    Messages:
    17
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    DataCenter Provider
    Seams for cant be used, im reading more on this as we speak but nothing seams helpful when its a case to read a file with list of domains/emails to be blocked to receive email

    LOG: MAIN
    cwd=/usr/local/cpanel/whostmgr/docroot 4 args: exim -v -M 1b4twT-0003wh-U7
    delivering 1b4twT-0003wh-U7
    LOG: MAIN PANIC
    Error in system filter: unknown filtering command "for" near line 240 of filter file
     
  9. sarath8372

    sarath8372 Active Member

    Joined:
    Jan 6, 2015
    Messages:
    35
    Likes Received:
    5
    Trophy Points:
    8
    Location:
    Kochi, India
    cPanel Access Level:
    Root Administrator
    Hello,

    I tested the filter on my cPanel VM before posting it here and it worked fine. Could you please let me know how you deployed the filter on your server?
     
  10. sarath8372

    sarath8372 Active Member

    Joined:
    Jan 6, 2015
    Messages:
    35
    Likes Received:
    5
    Trophy Points:
    8
    Location:
    Kochi, India
    cPanel Access Level:
    Root Administrator
    Hello,

    I am really sorry, I just rebuilt exim conf and noticed the same error. On further investigation, I learned that exim only allows few filtering commands in filter rule. So using for loop in filter file won't work. But I just created a script as a work around.

    Create filter file in folder : /usr/local/cpanel/etc/exim/sysfilter/options/ with one domain in it as follows.

    Code:
    if ("$h_to:, $h_cc:" contains "@domain.com")
    then
    fail text "Emails to this domain/mail address is temporarily blocked by the Administrator"
    seen finish
    endif
    if not first_delivery
    then
    finish
    endif
    Then create a file with list of rest of the domains/mail addresses that you want to block. Once created, run below script to add all the domains/email addresses from the file to custom filter.

    Code:
    for i in `cat /root/block_list.txt` ; do for j in `grep -n "contains" /usr/local/cpanel/etc/exim/sysfilter/options/filter_file | cut -d: -f1 | tail -1` ; do let "j++" ; sed -i "$(echo $j)i $(echo 'or ("$h_to:, $h_cc:" contains "'$i'")')" /usr/local/cpanel/etc/exim/sysfilter/options/filter_file ; done ; done
    If you are adding domains/email addresses later, you can use below script for checking and removing duplicates from block list before adding them to filter file. The script will display duplicate domains/email addresses if any found.

    Code:
    for i in `cat /root/block_list.txt` ; do grep $i /usr/local/cpanel/etc/exim/sysfilter/options/filter_file > /tmp/new ; if [ $? = 0 ] ; then echo -e "\n\nFile contains duplicates :" ; cut -d'"' -f4 /tmp/new ; sed -i.bak "/${i}/d" /root/block_list.txt ; fi ; done
    I hope this will help.

    Notes :

    1) If a mail contains any of the domains/mail addresses added in filter file in "To" or "Cc" fields, the mail will be blocked and won't be delivered to any of the recipients.

    2) The second script will remove domain.com from block list file, if user@domain.com found in filter file. But it will take a backup of the file as "block_list.bak" before removing lines from the file. So check for the duplicate domain/email address displayed after running the script.

    3) Make sure to replace "/usr/local/cpanel/etc/exim/sysfilter/options/filter_file" (custom filter file) and "/root/block_list.txt" (list of domains/mail addresses to be blocked) in scripts with your file names.
     
    cPanelMichael likes this.
  11. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,854
    Likes Received:
    676
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Hello,

    The steps listed in the previous response should meet your filter requirements. Feel free to update us on the outcome after implementing those filter rules.

    Thank you.
     
  12. Vince0916

    Vince0916 Registered

    Joined:
    Nov 3, 2016
    Messages:
    4
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Philippines
    cPanel Access Level:
    Root Administrator

    Hi,

    Where did you code this?

    Could you help me or any steps to perform this.

    Thank you.
     
  13. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,854
    Likes Received:
    676
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
  14. george valley

    george valley Registered

    Joined:
    Aug 17, 2016
    Messages:
    1
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Indore
    cPanel Access Level:
    Website Owner
    if ("$h_to:, $h_cc:" contains "@domain.com")
    then
    fail text "Emails to this domain/mail address is temporarily blocked by the Administrator"
    seen finish
    endif
    if not first_delivery
    then
    finish
    endif
     
  15. Vince0916

    Vince0916 Registered

    Joined:
    Nov 3, 2016
    Messages:
    4
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Philippines
    cPanel Access Level:
    Root Administrator
    Hi,

    I tried this code below, and it is working during sending email to yahoo.com and gmail.com but the fail text message didn't function it should be i receive email or bounce back that "Email to this mail address is temporarily blocked by the Administrator".
    Code:
    if ("$header_to:, $header_cc:" contains "@yahoo.com")
    then
    if ("$header_to:, $header_cc:" contains "@gmail.com")
    fail text "Email to this mail address is temporarily blocked by the Administrator"
    seen finish
    endif
    endif
    if not first_delivery
    then
    finish
    endif
    
    Hoping for your immediate response with this concern.

    Thank you.
     
    #15 Vince0916, Nov 17, 2016
    Last edited by a moderator: Nov 17, 2016
Loading...

Share This Page