Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Drop e-mails from wildcard domain

Discussion in 'E-mail Discussion' started by casey, Oct 29, 2006.

  1. casey

    casey Well-Known Member

    Joined:
    Jan 17, 2003
    Messages:
    2,303
    Likes Received:
    0
    Trophy Points:
    191
    I am having a terrible time with a certain spammer. They are sending e-mails from a single domain, but they're using something like 150 subdomains all with different IP addresses to send the spam. I want to block this domain serverwide with all its subdomains as well. Is there some way I can use wildcards in an exim ACL?

    I have seen the following code:
    Code:
    drop senders = baduser@baddomain.com
           message = Spam or Mail Bombing activity
    How can I make that something like baduser@*.baddomain.com? Can I use an asterisk in there?
     
  2. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,460
    Likes Received:
    21
    Trophy Points:
    463
    Location:
    Go on, have a guess
    Look in the exim mailing list I've seen hints that it should work with wilcarding like that. Have a go with what you've posted and see how it goes.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. RickG

    RickG Well-Known Member

    Joined:
    Feb 28, 2005
    Messages:
    238
    Likes Received:
    2
    Trophy Points:
    168
    Location:
    North Carolina
    Not certain about using wildcards directly in the ACL, but you can use wildcards in an external file which should accept baduser@*.baddomain.com

    For example:

    drop message = Spam or Mail Bombing activity
    senders = /etc/sender_blacklist

    Or put the following in the first (advanced editor) box:

    addresslist sender_blacklist = wildlsearch;/etc/sender_blacklist

    And then use:

    drop message = Spam or Mail Bombing activity
    senders = +sender_blacklist
     
  4. casey

    casey Well-Known Member

    Joined:
    Jan 17, 2003
    Messages:
    2,303
    Likes Received:
    0
    Trophy Points:
    191
    Thanks Rick and chirpy. It does work with a wildcard. I used the option Rick suggested of
    drop message = Spam or Mail Bombing activity
    senders = /etc/sender_blacklist

    Of course, I had to create /etc/sender_blacklist. I put baduser@*.baddomain.com in the file and put the lines above after the accept hosts = : line in the ACL section of the Exim Configuration Editor.
     
  5. mickalo

    mickalo Well-Known Member

    Joined:
    Apr 16, 2002
    Messages:
    778
    Likes Received:
    4
    Trophy Points:
    318
    Location:
    N.W. Iowa
    what is the format used in the "sender_blacklist" file .... one address per line ?? We've had this problem occassionally and think this may help added this. just wanted to make sure of the file format used.

    thx's
    Mickalo
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  6. RickG

    RickG Well-Known Member

    Joined:
    Feb 28, 2005
    Messages:
    238
    Likes Received:
    2
    Trophy Points:
    168
    Location:
    North Carolina
    Yes - one address per line.
     
    #6 RickG, Oct 30, 2006
    Last edited: Oct 30, 2006
  7. mickalo

    mickalo Well-Known Member

    Joined:
    Apr 16, 2002
    Messages:
    778
    Likes Received:
    4
    Trophy Points:
    318
    Location:
    N.W. Iowa
    thx's, wanted to make sure ;)

    Mickalo
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice