Email filter to block messages with "re [##]" subject

touma · May 21, 2005

Hi guys,

I was receiving spam with subjects like re[34], Re [45]:, etc... that spam assassin didn't catch...

well, the solution: filter with regex. :D

just set a filter in CPanel where the 'Subject' 'matches regex' and put "\\N^((?i)re)(\\s|)+\\[([0-9])+\\]

|)$\\N" (without quotes) in the input box...

It will match: re[12], RE [3], Re [43]:, Re[55]:, and variations...

Have a nice filtering!

If anyone wants to understand the regex, please ask me...

Marcel Touma

minotauro · Aug 3, 2005

touma said:
Hi guys,

I was receiving spam with subjects like re[34], Re [45]:, etc... that spam assassin didn't catch...

well, the solution: filter with regex. :D

just set a filter in CPanel where the 'Subject' 'matches regex' and put "\\N^((?i)re)(\\s|)+\\[([0-9])+\\]|)$\\N" (without quotes) in the input box...

It will match: re[12], RE [3], Re [43]:, Re[55]:, and variations...

Have a nice filtering!

If anyone wants to understand the regex, please ask me...

Marcel Touma

Hello Marcel,

Greatz post! Perfect filter. Do you have others filters do send me?

Regards,
Minotauro.

touma · Aug 5, 2005

Hi Minotauro, thanks!

I don't have other filters yet... but every time I create one, I will post it here...

Regards,
Marcel Touma

Bruce · Aug 6, 2005

Is there a way to set this up in Exim.conf file ?
And, do you have any idea how to setup your own dns blacklist ?
Ref http://forums.cpanel.net/showthread.php?t=41853&highlight=blackholes

Bruce · Aug 10, 2005

Is there a way to set this up in Exim.conf file ?

Anyone ?

minotauro · Aug 19, 2005

Bruce said:
Is there a way to set this up in Exim.conf file ?

Anyone ?

Hello Bruce,

You need open a /etc/antivirus.exim and put:

if
$header_subject: matches "\\N^((?i)re)(\\s|)+\\[([0-9])+\\]

|)\$\\N"
then
seen finish
endif

I already test and work fine!

Thanks Touma.

Regards,
Minotauro.

Bruce · Aug 19, 2005

THANKS minotauro

Works like a charm !
Any idea how to setup your own dns blacklist ?
http://forums.cpanel.net/showthread.php?t=41853&highlight=blackholes

minotauro · Aug 21, 2005

Bruce said:
THANKS minotauro
Works like a charm !
Any idea how to setup your own dns blacklist ?
http://forums.cpanel.net/showthread.php?t=41853&highlight=blackholes

Hello,

I will test a blacklist and after post the correct config here.

Regards,
Minotauro.

minotauro · Aug 21, 2005

Bruce said:
THANKS minotauro
Works like a charm !
Any idea how to setup your own dns blacklist ?
http://forums.cpanel.net/showthread.php?t=41853&highlight=blackholes

Hello Bruce,

To configure a blacklists, open your /etc/exim.conf, and find the line "begin acl" (so so the line 230). Below I replicate my exim.conf with one blacklist already working (if you like configuration another blacklist, only replicate two line and change the URL of list and message).

#!!#######################################################!!#
#!!# This new section of the configuration contains ACLs #!!#
#!!# (Access Control Lists) derived from the Exim 3 #!!#
#!!# policy control options. #!!#
#!!#######################################################!!#

#!!# These ACLs are crudely constructed from Exim 3 options.
#!!# They are almost certainly not optimal. You should study
#!!# them and rewrite as necessary.

begin acl

#!!# ACL that is used after the RCPT command
check_recipient:
# Exim 3 had no checking on -bs messages, so for compatibility
# we accept if the source is local SMTP (i.e. not over TCP/IP).
# We do this by testing for an empty sending host field.
accept hosts = :

deny dnslists = sbl-xbl.spamhaus.org
message = Connection denied spamhaus.org

# Accept bounces to lists even if callbacks or other checks would fail
warn message = X-WhitelistedRCPT-nohdrfromcallback: Yes
condition = \
${if and {{match{$local_part}{(.*)-bounces\+.*}} \
{exists {/usr/local/cpanel/3rdparty/mailman/lists/${lc:$1}/config.pck}}} \
{yes}{no}}

Regards,
Minotauro.

kashif · Nov 28, 2005

Regarding discard emails having .zip attachments

Dear friends,

If I want to discard emails having attchments of .zip extension, then what I need to set in CPanel filters for a specific domain. Waiting for th response.

minotauro · Nov 30, 2005

kashif said:
Dear friends,

If I want to discard emails having attchments of .zip extension, then what I need to set in CPanel filters for a specific domain. Waiting for th response.

Hello kashif,

I only know how to configure to all domain (in file /etc/antivirus.exim). Sorry!

Regards,
Minotauro.

Thread starter	Similar threads	Forum	Replies	Date
M	Filter/Block Incoming Emails by Domain in EXIM not working	Email	5	Feb 6, 2023
N	EXIM custom filter to block email address in name field?	Email	1	Jun 8, 2022
S	How block domains that uses amazones in "Filter Incoming Emails by Domain"	Email	10	Jan 14, 2021
C	SOLVED Global email filter - block .co email addresses	Email	50	Jul 22, 2020
	EXIM custom filter to block email address in name field?	Email	6	Oct 7, 2019

Search

Search

Email filter to block messages with "re [##]" subject

touma

Member

minotauro

Well-Known Member

touma

Member

Bruce

Well-Known Member

Bruce

Well-Known Member

minotauro

Well-Known Member

Bruce

Well-Known Member

minotauro

Well-Known Member

minotauro

Well-Known Member

kashif

Active Member

minotauro

Well-Known Member