cPanel Email Filters: Those that i'm in bcc?

Is there any way to create an email filter for an account john@mydomain.com to filter all incoming emails that have john@mydomain.com to the bcc field ?

I would really appreciate any help

 

Thank you for your answer I have created a filter for the To: header by looking for

Code:

undisclosed-recipients:;

. While this doesn't answer the question really it helps.

 

Trying to setup a filter with 2 regex rules for bcc:

The first regex (rule) checks if there is john@domain.com at the Delivered-To or the Envelope-to headers

Code:

(?:[Ee]nvelope-[Tt]o\:\s*john\@domain\.com)|(?:[Dd]elivered-[Tt]o\:\s*john\@domain\.com)

So it should work in a filter where [any header] [matches regex] [1st regex]

the second regex (rule) checks if john@domain.com is not included in the To: and CC: headers

Code:

(?!(?:^[Tt]o\:\s*.*john\@domain\.com)|([Cc][Cc]\:\s*.*john\@domain\.com))

This should go [any header] [matches regex] [2nd regex]

Combined those 2 rules with a logical AND inside the cPanel filter should do the job. But it doesn't.

Do you see anything wrong?

 

I think the reason is something else. I built the 2 regex above by inspecting the source of the test email messages from the recipient's point of view which means as soon as they are delivered to the inbox. Actually i tried to test just the first regex alone and I expanded it to:

Code:

(?:[Ee]nvelope-[Tt]o\:\s*info\@domain\.com)|(?:[Dd]elivered-[Tt]o\:\s*info\@domain\.com)|(?:[Ff]or\s*<info\@domain\.com>)

It works very well (confirmed by the cPanel test filter) for this:

Code:

Return-Path: <sender@yahoo.com>
Delivered-To: info@domain.com
Received: from my.hostname.eu
    by my.hostname.eu with LMTP id 4IBbNGmtbFr0NQAAnaC/hg
    for <info@domain.com>; Sat, 27 Jan 2018 18:48:41 +0200
Return-path: <sender@yahoo.com>
Envelope-to: info@domain.com
Delivery-date: Sat, 27 Jan 2018 18:48:41 +0200
Received: from sonic315-20.consmr.mail.ne1.yahoo.com ([66.163.190.146]:40241)
    by my.hostname.eu with esmtps (TLSv1.2:ECDHE-RSA-AES128-GCM-SHA256:128)
    (Exim 4.89_1)
    (envelope-from <sender@yahoo.com>)
    id 1efRfe-0006Zf-OE
    for info@domain.com; Sat, 27 Jan 2018 18:48:41 +0200

in reality though the actual email is not filtered. I guess that none of the 3 headers:

1. Delivered-To: info@domain.com
2. Envelope-To: info@domain.com
3. for <info@domain.com>

are set during the time that Exim evaluates the filter. So how can we know what Exim sees at the time of the evaluation of the filter to build a proper regex?