The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Drop e-mails from wildcard domain

Discussion in 'E-mail Discussions' started by casey, Oct 29, 2006.

  1. casey

    casey Well-Known Member

    Joined:
    Jan 17, 2003
    Messages:
    2,303
    Likes Received:
    0
    Trophy Points:
    36
    Location:
    If there is trouble, it will find me
    I am having a terrible time with a certain spammer. They are sending e-mails from a single domain, but they're using something like 150 subdomains all with different IP addresses to send the spam. I want to block this domain serverwide with all its subdomains as well. Is there some way I can use wildcards in an exim ACL?

    I have seen the following code:
    Code:
    drop senders = baduser@baddomain.com
           message = Spam or Mail Bombing activity
    How can I make that something like baduser@*.baddomain.com? Can I use an asterisk in there?
     
  2. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    Look in the exim mailing list I've seen hints that it should work with wilcarding like that. Have a go with what you've posted and see how it goes.
     
  3. RickG

    RickG Well-Known Member

    Joined:
    Feb 28, 2005
    Messages:
    238
    Likes Received:
    2
    Trophy Points:
    18
    Location:
    North Carolina
    Not certain about using wildcards directly in the ACL, but you can use wildcards in an external file which should accept baduser@*.baddomain.com

    For example:

    drop message = Spam or Mail Bombing activity
    senders = /etc/sender_blacklist

    Or put the following in the first (advanced editor) box:

    addresslist sender_blacklist = wildlsearch;/etc/sender_blacklist

    And then use:

    drop message = Spam or Mail Bombing activity
    senders = +sender_blacklist
     
  4. casey

    casey Well-Known Member

    Joined:
    Jan 17, 2003
    Messages:
    2,303
    Likes Received:
    0
    Trophy Points:
    36
    Location:
    If there is trouble, it will find me
    Thanks Rick and chirpy. It does work with a wildcard. I used the option Rick suggested of
    drop message = Spam or Mail Bombing activity
    senders = /etc/sender_blacklist

    Of course, I had to create /etc/sender_blacklist. I put baduser@*.baddomain.com in the file and put the lines above after the accept hosts = : line in the ACL section of the Exim Configuration Editor.
     
  5. mickalo

    mickalo Well-Known Member

    Joined:
    Apr 16, 2002
    Messages:
    765
    Likes Received:
    2
    Trophy Points:
    18
    Location:
    N.W. Iowa
    what is the format used in the "sender_blacklist" file .... one address per line ?? We've had this problem occassionally and think this may help added this. just wanted to make sure of the file format used.

    thx's
    Mickalo
     
  6. RickG

    RickG Well-Known Member

    Joined:
    Feb 28, 2005
    Messages:
    238
    Likes Received:
    2
    Trophy Points:
    18
    Location:
    North Carolina
    Yes - one address per line.
     
    #6 RickG, Oct 30, 2006
    Last edited: Oct 30, 2006
  7. mickalo

    mickalo Well-Known Member

    Joined:
    Apr 16, 2002
    Messages:
    765
    Likes Received:
    2
    Trophy Points:
    18
    Location:
    N.W. Iowa
    thx's, wanted to make sure ;)

    Mickalo
     
Loading...

Share This Page