The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Failing messages in filters

Discussion in 'E-mail Discussions' started by sparek-3, Oct 20, 2014.

  1. sparek-3

    sparek-3 Well-Known Member

    Joined:
    Aug 10, 2002
    Messages:
    1,381
    Likes Received:
    23
    Trophy Points:
    38
    cPanel Access Level:
    Root Administrator
    Why is there an option to "fail" a message when creating email filters in cPanel?

    It is my understanding that "fail" is used to reject a message at SMTP time, i.e. in the case of the default address.

    Filtering only takes place after a message has been accepted by the server.

    By having "fail" in the message filters, the server is then tasked with sending out an NDR, which for a lot of times, is to an address that does not really exist or does not accept mail, creating a backlog of NDRs on the server.

    For example, sam@example.tld sets up a filter to fail messages that contain pharmacy in the message:

    Code:
    if
     $message_body contains "pharmacy"
    then
     fail "unable to deliver message"
    endif
    if idontexist@anotherexample.tld sends sam@example.tld with the word "pharmacy" in the message, then our server is then tasked with sending an NDR back to idontexist@anotherexample.tld that says "unable to deliver message". Except, idontexist@anotherexample.tld, doesn't accept messages, thus meaning that this NDR sits in our queue waiting to be delivered.

    Once an email message is accepted by the server, it cannot be failed. It can be blackholed. The solution to the above example would be to word the filter as:

    Code:
    if
     $message_body contains "pharmacy"
    then
     save "/dev/null" 660
    endif
    Correct? This way when idontexist@anotherexample.tld sends sam@example.tld with the word "pharmacy" in the message the message just gets sent straight to /dev/null. sam@example.tld never knows that idontexist@anotherexample.tld sent them this message and idontexist@anotherexample.tld nevers knows that sam@example.tld did not receive the message.
     
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,678
    Likes Received:
    653
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
  3. sparek-3

    sparek-3 Well-Known Member

    Joined:
    Aug 10, 2002
    Messages:
    1,381
    Likes Received:
    23
    Trophy Points:
    38
    cPanel Access Level:
    Root Administrator
    No, I don't think that applies here.

    I agree :fail: should be used for the default address and when rejecting a message at SMTP time. Setting your default address to :fail: and when someone sends a message to a nonexistent email address on the domain name, it gets rejected, a message ID is never generated by the recipient server in this process.

    The filtering process is different. Filtering only happens after the message is accepted by the recipient server, a message ID is generated. THEN if a filter is set to :fail: the message it is rejected, but at that point it's already inside the recipient server's mail queue.

    :fail: should never be an option in the filtering system because it's not properly rejecting the message. In order for :fail: to be viable in a filtering system, the message would have to be scanned during SMTP processing, matched for any possible filters that may exist, and if found - then :fail: the message - before it is ever accepted by the recipient SMTP server. That is going to take a lot of processing and doesn't accomplish a whole lot. Better to just blackhole a filtered message by saving it to /dev/null in the filtering system. Better to just remove :fail: as an option in the filtering system.
     
  4. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,678
    Likes Received:
    653
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    While those are valid points, it's still made available for users that prefer to send a failure notice to the sender. You could submit a feature request to have it removed completely via:

    Submit A Feature Request

    Thank you.
     
Loading...

Share This Page