Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

custom exim filter for incoming mail

Discussion in 'E-mail Discussion' started by amjad.q, Mar 18, 2018.

Tags:
  1. amjad.q

    amjad.q Member

    Joined:
    Jul 2, 2016
    Messages:
    22
    Likes Received:
    1
    Trophy Points:
    3
    Location:
    India
    cPanel Access Level:
    Root Administrator
    I would like to add a custom exim filter files for incoming mail which has a link with "php?" then delivered it to spam folder or mark it as spam like give it a spam score

    I can't use the SpamAssassin for that becouse the SpamAssassin doesn't scan the mail which has a big size , no recommended to make the SpamAssassin scanning large messages that can lead to increased CPU or memory usage


    so the exim filter look like below , but I couldn't complete its wording to do what I need

    ===================
    #links with .php & html - roul
    if
    $message_body contains ".php?"
    and $message_body contains "http"
    then
    .........
    endif
    ===================

    Thanks
     
    #1 amjad.q, Mar 18, 2018
    Last edited: Mar 18, 2018
  2. 24x7server

    24x7server Well-Known Member

    Joined:
    Apr 17, 2013
    Messages:
    1,890
    Likes Received:
    91
    Trophy Points:
    78
    Location:
    India
    cPanel Access Level:
    Root Administrator
    Hi,
    You can use /etc/antivirus.empty file to check if you are get use it for your benefit. I happen to not find appropriate link because of some restrictions on this forum. However, if you search for antivirus.empty file in Google, you can get the parameters that you can put to test..
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. amjad.q

    amjad.q Member

    Joined:
    Jul 2, 2016
    Messages:
    22
    Likes Received:
    1
    Trophy Points:
    3
    Location:
    India
    cPanel Access Level:
    Root Administrator
    Hello,

    Thanks 24x7server , After searching about antivirus.exim I reached to the same point , I can write the condition but I can't write how to make it do what I need ( delivered it to spam folder or mark it as spam like give it a spam score )

    Code:
    if
    $message_body contains "http" and
    $message_body contains "php?"
    
    then
    ........
    endif

    anyone can advise
     
  4. keat63

    keat63 Well-Known Member

    Joined:
    Nov 20, 2014
    Messages:
    1,150
    Likes Received:
    64
    Trophy Points:
    28
    cPanel Access Level:
    Root Administrator
    would 'then fail' not do what you want ?
     
  5. amjad.q

    amjad.q Member

    Joined:
    Jul 2, 2016
    Messages:
    22
    Likes Received:
    1
    Trophy Points:
    3
    Location:
    India
    cPanel Access Level:
    Root Administrator
    I wouldn't make them fail , I want delivered to spam folder
     
  6. cPanelMichael

    cPanelMichael Technical Support Community Manager Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    46,390
    Likes Received:
    2,047
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    Hello,

    I believe you'd want to use the "Deliver to Folder" filter action. EX:

    Code:
    save "$home/mail/$domain/$local_part/.Spam/" 660
    Note the ".Spam" folder would need to exist under all accounts for this to work, so you'd need to ensure that occurs. There's a thread on that topic at:

    Deliver Spam to Spam folder, globally

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    amjad.q likes this.
  7. amjad.q

    amjad.q Member

    Joined:
    Jul 2, 2016
    Messages:
    22
    Likes Received:
    1
    Trophy Points:
    3
    Location:
    India
    cPanel Access Level:
    Root Administrator
    Hello,

    I have tested it but it didn't work with me , the mail didn't deliver at all , not to inbox or spam box ,Even when I checked the Mail Delivery Reports the email not exist



    The Spam Box is enable and the .spamassassinboxenable file already exist and the spam box show in the email window , But when I check the email files there 3 files only (cur , new and tmp)

    below the rule which I used

    Code:
    if ("$h_from:" contains "email@mydomain.com")
       then
        save "$home/mail/$domain/$local_part/.Spam/" 660
      endif
    Note : the exim filter work with me normal when I use another rule

    Thanks
     
  8. cPanelMichael

    cPanelMichael Technical Support Community Manager Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    46,390
    Likes Received:
    2,047
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    Hello,

    These type of custom rules are unsupported. It's possible the custom filter rule needs to be modified further, or you did not correctly setup the filter. Can you verify the specific steps you took to add the filter and then the specific steps you took to test it?

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  9. amjad.q

    amjad.q Member

    Joined:
    Jul 2, 2016
    Messages:
    22
    Likes Received:
    1
    Trophy Points:
    3
    Location:
    India
    cPanel Access Level:
    Root Administrator
    Hello,

    I have added my file in /usr/local/cpanel/etc/exim/sysfilter/options/ , then I enabled my new filter from Exim Configuration Manager >filters and saved

    Then I have take loot at /etc/cpanel_exim_system_filter , it's show my new rule has been added normal as below
    Code:
    # END - Included from /usr/local/cpanel/etc/exim/sysfilter/options/attachments
    
    # BEGIN - Included from /usr/local/cpanel/etc/exim/sysfilter/options/my_test_rule
    # (Use the Basic Editor in the Exim Configuration Manager in WHM to change)
    # or manually edit /etc/exim.conf.localopts and run /scripts/buildeximconf
    if ("$h_from:" contains "xxxx@gmail.com")
       then
        save "$home/mail/$domain/$local_part/.Spam/" 660
      endif
    # END - Included from /usr/local/cpanel/etc/exim/sysfilter/options/my_test_rule
    
    # BEGIN - Included from /usr/local/cpanel/etc/exim/sysfilter/options/spam_rewrite
    Then I tested to send email from my gmail account which in the rule to email account in my server
     
  10. cPanelMichael

    cPanelMichael Technical Support Community Manager Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    46,390
    Likes Received:
    2,047
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    Hello,

    In "WHM >> Exim Configuration Manager", under the "Filters" tab, are you using a custom filter for the "System Filter File" option? If so, you'd need to add your custom filter rules to that custom system filter file itself instead of adding them as separate filter files under the options directory. There's a thread on this topic at:

    Exim custom filter not working

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  11. amjad.q

    amjad.q Member

    Joined:
    Jul 2, 2016
    Messages:
    22
    Likes Received:
    1
    Trophy Points:
    3
    Location:
    India
    cPanel Access Level:
    Root Administrator
    Yes , I'm using System Filter File and my filter has been added to cpanel_exim_system_filter as I reported above

    The filter work when I use another action as (fail) ,But when I use the action (save "$home/mail/$domain/$local_part/.Spam/" 660) , I dosn't work

    Code:
    if ("$h_from:" contains "xxxx@gmail.com")
    then
     fail
    The above filter work with me but the below filter doesn't work

    Code:
    if ("$h_from:" contains "xxxx@gmail.com")
       then
        save "$home/mail/$domain/$local_part/.Spam/" 660
      endif
    My problem with the action


    Thanks you
     
  12. cPanelMichael

    cPanelMichael Technical Support Community Manager Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    46,390
    Likes Received:
    2,047
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    Hello,

    It's possible that specific rule won't work for the purpose you intend it to. It's only offered as an example submitted by another user at:

    Deliver Spam to Spam folder, globally

    You may want to consider reaching out to a system administrator or posting to the Exim User's mailing list for help developing a custom Exim system filter rule that does what you need it to do, as it's typically outside the scope of support we can provide:

    System Administration Services | cPanel Forums
    Exim-users Info Page

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  13. amjad.q

    amjad.q Member

    Joined:
    Jul 2, 2016
    Messages:
    22
    Likes Received:
    1
    Trophy Points:
    3
    Location:
    India
    cPanel Access Level:
    Root Administrator
    Hello,

    what about if can do the purpose by different way , if there action to change the Spam static for example
    Code:
    if ("$h_from:" contains "xxxx@gmail.com")
       then
        X-Spam-Score = Yes
      endif
    OR
    Code:
    if ("$h_from:" contains "xxxx@gmail.com")
       then
        spam_score = 100
      endif
    We just need to make the email be as spam and delivered to spam folder by anyway from the exim filter , so can we control or change the spam static form the EXIM ?

    I wish if anyone have information advise us

    Thanks you
     
  14. cPanelMichael

    cPanelMichael Technical Support Community Manager Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    46,390
    Likes Received:
    2,047
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  15. stormy

    stormy Well-Known Member

    Joined:
    Nov 22, 2003
    Messages:
    133
    Likes Received:
    11
    Trophy Points:
    168
    Location:
    Spain
    cPanel Access Level:
    Root Administrator
    I know that this is unsupported, but this is the error that appears in the exim_mainlog when trying this:

    Code:
    == /mail///.Spam/ <system-filter> routing defer (-1): system_filter_directory_transport is unset
    So I can see the variables are not working. Also in my system the .spam folder begins with lowercase "s", but that doesn't fix the problem.

    Any ideas?
     
  16. cPanelMichael

    cPanelMichael Technical Support Community Manager Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    46,390
    Likes Received:
    2,047
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    Hi @stormy,

    The following method is unsupported and untested, but it was provided by a customer in a support ticket and reported to address a similar issue:

    1. Remove 660 from the filter line:

    Code:
    save "$home/mail/$domain/$local_part/.Spam/" 660
    So that it looks like this:

    Code:
    save "$home/mail/$domain/$local_part/.Spam/"
    Then, browse to WHM >> Exim Configuration Manager >> Advanced Editor and add the following entries to the CONFIG and TRANSPORTSTART sections:

    SECTION CONFIG >> Add Additional Configuration Setting:

    Code:
    system_filter_directory_transport = custom_spam_filter
    Section: TRANSPORTSTART

    Code:
    custom_spam_filter:
    driver = appendfile
    delivery_date_add
    envelope_to_add
    return_path_add
    group = cpaneleximfilter
    user = cpaneleximfilter
    mode = 0660
    maildir_format = true
    create_directory = true
    Let me know if this helps.

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  17. stormy

    stormy Well-Known Member

    Joined:
    Nov 22, 2003
    Messages:
    133
    Likes Received:
    11
    Trophy Points:
    168
    Location:
    Spain
    cPanel Access Level:
    Root Administrator
    Thank you. I ended up using a simple custom SpamAssassin rule to deal with my particular problem, so I haven't tried it, but I appreciate you providing the solution. I might need it in the future.
     
    cPanelMichael likes this.
  18. cPanelMichael

    cPanelMichael Technical Support Community Manager Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    46,390
    Likes Received:
    2,047
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    I'm glad to see you were able to address the issue. Do you mind sharing the specific rule you setup?

    Thanks!
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  19. stormy

    stormy Well-Known Member

    Joined:
    Nov 22, 2003
    Messages:
    133
    Likes Received:
    11
    Trophy Points:
    168
    Location:
    Spain
    cPanel Access Level:
    Root Administrator
    Oh I simply added:
    Code:
    blacklist_from *@BADDOMAINHERE.com
    to /etc/mail/spamassassin/local.cf
     
    cPanelMichael likes this.
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice