Exim Custom Filters don't work

Hello,

My exim sever and the SpamAssasin doesn't check all the spam..
I have seen that certains domains send all the time spam, so I create new rules to block them
But this new rules they are not working...
This morning I recieved a email where return-path: contains @a2hosting.com ..

I create this file :/usr/local/cpanel/etc/exim/sysfilter/options/inbound_tld_block
wtih this code (it's supposed that in [email protected] will recieve all the spam detected):

Code:

if first_delivery
and (
("$h_from:" matches "[email protected]+\\\\.asia[^a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.bid[^a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.click[^a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.cricket[^a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.date[^a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.ec[^a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.exercise[^a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.co.in[^a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.gen.in[^a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.net.in[^a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.link[^a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.ninja[^a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.party[^a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.review[^a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.rocks[^a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.science[^a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.space[^a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.stream[^a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.sk[^a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.uno[^a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.website[^a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.work[^a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.xyz[^a-zA-Z0-9_]")
or ("$h_from:" matches "[email protected]+\\\\.za[^a-zA-Z0-9_]")
or ("$h_return-path:" contains "a2hosting.com")
)
then
headers add "SpamRule: EXIM FILTER Block Unwanted Domains (was: $h_subject:)"
deliver "[email protected]"
seen finish
endif

And then in Exim Configuration Manager --> Basic Editor --> Filter -->Custom Filter: inbount_tld_block I check "ON"
And I save.

How can I check that the rules are ok?

 

Thank you rpvw.

I rewrite the rule. I will check if now works...

I have one question: are the rules case-sensitive ?
For exemple I write $h_return-path in lowercase . Is this correct ?

I can see that you write : Old-Subject as header in upper-lowercase and the variable in lowercase ....


Thank you

 

Hello again.

I try to send spam emails to my server, and I check that if I send as
"[email protected]" the system-filter catch this email and send to [email protected] without subject modification.
If I send as "[email protected]" the filter doesn't check the email and I recieve in my inbox ....
I check and the return-path is: [email protected]

Any ideas?

Thank you

 

Thank you @rpvw .
After modify the file I didn't press the button "Save" in EximConfiguration --> Basic Editor --> Filter.

I Know that every modification in that custom file I have to save.