cPanel Email Filters: Those that i'm in bcc?

[EneTar]

Is there any way to create an email filter for an account [email protected] to filter all incoming emails that have [email protected] to the bcc field ?

I would really appreciate any help

 

[cPanelMichael]

Hello,

Per our email filter documentation:

Generally, the recipient does not receive the BCC field in an email's header. For this reason, you cannot use the BCC field in a filter.

If the header were not removed, the recipient would be a carbon copy (CC), as opposed to a blind carbon copy (BCC).

Thank you.

 

[EneTar]

Thank you for your answer I have created a filter for the To: header by looking for

undisclosed-recipients:;

. While this doesn't answer the question really it helps.

 

[EneTar]

Trying to setup a filter with 2 regex rules for bcc:

The first regex (rule) checks if there is [email protected] at the Delivered-To or the Envelope-to headers

(?:[Ee]nvelope-[Tt]o\:\s*john\@domain\.com)|(?:[Dd]elivered-[Tt]o\:\s*john\@domain\.com)

So it should work in a filter where [any header] [matches regex] [1st regex]

the second regex (rule) checks if [email protected] is not included in the To: and CC: headers

(?!(?:^[Tt]o\:\s*.*john\@domain\.com)|([Cc][Cc]\:\s*.*john\@domain\.com))

This should go [any header] [matches regex] [2nd regex]

Combined those 2 rules with a logical AND inside the cPanel filter should do the job. But it doesn't.

Do you see anything wrong?

 

[cPanelMichael]

Hello,

You may want to try using the "does not match" option for the operator and then utilize a normal regular expression (instead of using a negative regular expression for "matches regex"). There's some discussion of this on the following thread:

Email filter matching a negative regex

Thank you.

 

[EneTar]

I think the reason is something else. I built the 2 regex above by inspecting the source of the test email messages from the recipient's point of view which means as soon as they are delivered to the inbox. Actually i tried to test just the first regex alone and I expanded it to:

(?:[Ee]nvelope-[Tt]o\:\s*info\@domain\.com)|(?:[Dd]elivered-[Tt]o\:\s*info\@domain\.com)|(?:[Ff]or\s*<info\@domain\.com>)

It works very well (confirmed by the cPanel test filter) for this:

Return-Path: <[email protected]>
Delivered-To: [email protected]
Received: from my.hostname.eu
    by my.hostname.eu with LMTP id 4IBbNGmtbFr0NQAAnaC/hg
    for <[email protected]>; Sat, 27 Jan 2018 18:48:41 +0200
Return-path: <[email protected]>
Envelope-to: [email protected]
Delivery-date: Sat, 27 Jan 2018 18:48:41 +0200
Received: from sonic315-20.consmr.mail.ne1.yahoo.com ([66.163.190.146]:40241)
    by my.hostname.eu with esmtps (TLSv1.2:ECDHE-RSA-AES128-GCM-SHA256:128)
    (Exim 4.89_1)
    (envelope-from <[email protected]>)
    id 1efRfe-0006Zf-OE
    for [email protected]; Sat, 27 Jan 2018 18:48:41 +0200

in reality though the actual email is not filtered. I guess that none of the 3 headers:

1. Delivered-To: [email protected]
2. Envelope-To: [email protected]
3. for <[email protected]>

are set during the time that Exim evaluates the filter. So how can we know what Exim sees at the time of the evaluation of the filter to build a proper regex?

 

[cPanelMichael]

Hello,

Support for custom filter rules using regular expressions is generally outside our scope of support, however you may want to try using the "does not match" option for the operator and then utilize a normal regular expression (instead of using a negative regular expression for "matches regex") to see if you notice any change in behavior.

Thank you.