The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Email filter to block messages with "re [##]" subject

Discussion in 'E-mail Discussions' started by touma, May 21, 2005.

  1. touma

    touma Member

    Joined:
    Apr 13, 2004
    Messages:
    22
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    São Paulo - Brasil
    Hi guys,

    I was receiving spam with subjects like re[34], Re [45]:, etc... that spam assassin didn't catch... :mad:

    well, the solution: filter with regex. :D

    just set a filter in CPanel where the 'Subject' 'matches regex' and put "\\N^((?i)re)(\\s|)+\\[([0-9])+\\]:)|)$\\N" (without quotes) in the input box...

    It will match: re[12], RE [3], Re [43]:, Re[55]:, and variations...

    Have a nice filtering! :)

    If anyone wants to understand the regex, please ask me...

    Marcel Touma
     
  2. minotauro

    minotauro Well-Known Member

    Joined:
    Jan 19, 2004
    Messages:
    89
    Likes Received:
    0
    Trophy Points:
    6
    Hello Marcel,

    Greatz post! Perfect filter. Do you have others filters do send me?

    Regards,
    Minotauro.
     
  3. touma

    touma Member

    Joined:
    Apr 13, 2004
    Messages:
    22
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    São Paulo - Brasil
    Hi Minotauro, thanks!

    I don't have other filters yet... but every time I create one, I will post it here... :)


    Regards,
    Marcel Touma
     
    #3 touma, Aug 5, 2005
    Last edited: Aug 5, 2005
  4. Bruce

    Bruce Well-Known Member

    Joined:
    Oct 4, 2001
    Messages:
    147
    Likes Received:
    0
    Trophy Points:
    16
  5. Bruce

    Bruce Well-Known Member

    Joined:
    Oct 4, 2001
    Messages:
    147
    Likes Received:
    0
    Trophy Points:
    16
    Is there a way to set this up in Exim.conf file ?

    Anyone ?
     
  6. minotauro

    minotauro Well-Known Member

    Joined:
    Jan 19, 2004
    Messages:
    89
    Likes Received:
    0
    Trophy Points:
    6
    Hello Bruce,

    You need open a /etc/antivirus.exim and put:

    if
    $header_subject: matches "\\N^((?i)re)(\\s|)+\\[([0-9])+\\]:)|)\$\\N"
    then
    seen finish
    endif

    I already test and work fine! :) Thanks Touma.

    Regards,
    Minotauro.
     
  7. Bruce

    Bruce Well-Known Member

    Joined:
    Oct 4, 2001
    Messages:
    147
    Likes Received:
    0
    Trophy Points:
    16
  8. minotauro

    minotauro Well-Known Member

    Joined:
    Jan 19, 2004
    Messages:
    89
    Likes Received:
    0
    Trophy Points:
    6
  9. minotauro

    minotauro Well-Known Member

    Joined:
    Jan 19, 2004
    Messages:
    89
    Likes Received:
    0
    Trophy Points:
    6
    Hello Bruce,

    To configure a blacklists, open your /etc/exim.conf, and find the line "begin acl" (so so the line 230). Below I replicate my exim.conf with one blacklist already working (if you like configuration another blacklist, only replicate two line and change the URL of list and message).

    #!!#######################################################!!#
    #!!# This new section of the configuration contains ACLs #!!#
    #!!# (Access Control Lists) derived from the Exim 3 #!!#
    #!!# policy control options. #!!#
    #!!#######################################################!!#

    #!!# These ACLs are crudely constructed from Exim 3 options.
    #!!# They are almost certainly not optimal. You should study
    #!!# them and rewrite as necessary.

    begin acl

    #!!# ACL that is used after the RCPT command
    check_recipient:
    # Exim 3 had no checking on -bs messages, so for compatibility
    # we accept if the source is local SMTP (i.e. not over TCP/IP).
    # We do this by testing for an empty sending host field.
    accept hosts = :

    deny dnslists = sbl-xbl.spamhaus.org
    message = Connection denied spamhaus.org

    # Accept bounces to lists even if callbacks or other checks would fail
    warn message = X-WhitelistedRCPT-nohdrfromcallback: Yes
    condition = \
    ${if and {{match{$local_part}{(.*)-bounces\+.*}} \
    {exists {/usr/local/cpanel/3rdparty/mailman/lists/${lc:$1}/config.pck}}} \
    {yes}{no}}

    Regards,
    Minotauro.
     
  10. kashif

    kashif Active Member

    Joined:
    Jul 11, 2003
    Messages:
    29
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Lahore
    Regarding discard emails having .zip attachments

    Dear friends,

    If I want to discard emails having attchments of .zip extension, then what I need to set in CPanel filters for a specific domain. Waiting for th response.
     
  11. minotauro

    minotauro Well-Known Member

    Joined:
    Jan 19, 2004
    Messages:
    89
    Likes Received:
    0
    Trophy Points:
    6
    Hello kashif,

    I only know how to configure to all domain (in file /etc/antivirus.exim). Sorry!

    Regards,
    Minotauro.
     
Loading...

Share This Page