The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Blocking whole domains for incoming email - two solutions!

Discussion in 'E-mail Discussions' started by serichards, Feb 25, 2014.

  1. serichards

    serichards Well-Known Member

    Joined:
    Dec 11, 2012
    Messages:
    48
    Likes Received:
    0
    Trophy Points:
    6
    cPanel Access Level:
    Website Owner
    For days I have been trying to work out how to do this with WHM. For some reason methods which should work and do work for others just don't for me.

    So far I have found two solutions that do work.

    /http://forum.ahosting.net/f15/how-manually-block-reject-emails-domain-exim-662.html

    You need ssh access ideally to create and edit the blacklist file. It worked straight away with no fuss and no mess. Senders from those domains are rejected with a permanent fail but your normal sender verify errors or similar are also sent as it is further down in the exim process.

    If you follow the first step of that method you can also use the ACL to block those senders earlier in the process then:

    Scroll down to the acl_smtp_mail and find the custom_begin_mail section. Tick it and stick this in:

    deny sender_domains = +exim_blacklist


    message = $domain is manually blacklisted in ACL.​

    exim_blacklist is the name you gave your blacklist file which is set in the ACL as shown in the link.

    For some reason if you do the same with a normal domain list instead of the filename of a domain list it just doesn't work and exim blocks all mail with the same error. I spent ages fiddling around and couldn't get it to the same with a list in the ACL itself rather than referencing the list object created previously. I do not understand why this is the case. I'm assuming it is some kind of bug or delimiter issues as it makes no rational sense for it to work perfectly well with the same domains listed in a file and not work when make a list within the ACL section itself. Maybe some exim guru can explain why this is the case? WHM doesn't flag it up as a syntactic error either so there is no way of knowing why this doesn't appear to work as you'd expect.

    I hope this helps others as it is such a useful thing to be able to do and something as a previous plesk user it is achieved in plesk in about 2 minutes as that has a server wide blacklist that takes domains, ips or wildcarded domains.

    There's some very useful stuff in this link too:

    /http://technotes.trostfamily.org/?p=184
    Building a Poor Man’s Barracuda – cPanel edition - Tech Notes
     
  2. vanessa

    vanessa Well-Known Member
    PartnerNOC

    Joined:
    Sep 26, 2006
    Messages:
    817
    Likes Received:
    22
    Trophy Points:
    18
    Location:
    Virginia Beach, VA
    cPanel Access Level:
    DataCenter Provider
    This is pretty interesting - thanks for sharing. Perhaps maybe a mod will sticky this? :)
     
  3. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    14,474
    Likes Received:
    202
    Trophy Points:
    63
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    Why not post this to your original thread on same topic?
     
  4. serichards

    serichards Well-Known Member

    Joined:
    Dec 11, 2012
    Messages:
    48
    Likes Received:
    0
    Trophy Points:
    6
    cPanel Access Level:
    Website Owner
    This thread is about the solutions so needs to have them right at the top where they can be found easily and help others. They won't help anyone buried in a thread with a now irrelevant title and endless posts about how nothing works... :)
     
  5. jols

    jols Well-Known Member

    Joined:
    Mar 13, 2004
    Messages:
    1,111
    Likes Received:
    2
    Trophy Points:
    38
    Where actually do you put the exim_blacklist list? And I am assuming if the name of your list is "eximblacklist" Then the line to include is this?

    deny sender_domains = +eximblacklist

    But for the life of me, I am unable to get anything but "unknown named domain list" in the exim logs. Tried just about everything at this time. I assume there is some relative path in exim somewhere, to put these kinds of files, but I am so far unable to find what the proper location should be.
     
  6. jols

    jols Well-Known Member

    Joined:
    Mar 13, 2004
    Messages:
    1,111
    Likes Received:
    2
    Trophy Points:
    38
    Okay, never mind, I think I got it.

    I put 2 and 2 together after reading this post as well:
    http://forums.cpanel.net/f43/exim-how-block-domains-239182.html

    And I figured that I should just take the file name literally, as in, actually naming the file "exim_blacklist", and insert it in /etc which, was not quite clear in this post.
     
  7. jols

    jols Well-Known Member

    Joined:
    Mar 13, 2004
    Messages:
    1,111
    Likes Received:
    2
    Trophy Points:
    38
    Okay, now what's this?

    I go back to the WHM > Exim conf > Advanced

    And I then I re-locate the custom_begin_mail field where I had only a moment ago added the following:

    deny sender_domains = +/etc/exim_blacklist
    message = $domain is manually blacklisted in ACL.


    But now it's gone. The field is blank, and also there are no such settings in /etc/exim.conf

    What the heck?
     
  8. jols

    jols Well-Known Member

    Joined:
    Mar 13, 2004
    Messages:
    1,111
    Likes Received:
    2
    Trophy Points:
    38
    Okay, this works, and I am glad this person Tokenbird, posted this solution, after 14 solid hours of effort, and trying a bazillion different methods, this is the only method I found that actually works:

    /http://www.tokenbird.me.uk/2014/02/19/blocking-email-senders-by-domain-via-cpanelwhm/

    By the way, I totally agree with the editorial content of the above post:


     
  9. jols

    jols Well-Known Member

    Joined:
    Mar 13, 2004
    Messages:
    1,111
    Likes Received:
    2
    Trophy Points:
    38
    Update:

    The method described at ahosting.net, and at tokenbird.me.uk, block both the incoming and outgoing email. That is, if the email message is sent TO or FROM a domain in the blacklist, then it is blocked.

    In other words, the comment line in the tokenbird.me.uk, "# RBL Blacklist incoming hosts" is erroneous, that is, with regard to the word "incoming".

    So now I am looking for a method to alter this, so that only incoming FROM domains are blocked.

    Anyone?
     
  10. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,854
    Likes Received:
    675
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
Loading...

Share This Page