The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

filtering mail before forwarding

Discussion in 'E-mail Discussions' started by ajd5327, Nov 19, 2006.

  1. ajd5327

    ajd5327 Member

    Joined:
    Nov 19, 2006
    Messages:
    5
    Likes Received:
    0
    Trophy Points:
    1
    Hey, I was wondering if anyone else was having this problem or knew of a fix. Some clients on my servers will set up their mail to forward to external email accounts, like yahoo or aol. They have spamassassin activated, but it seems that mail is forwaded BEFORE it gets filtered by spamassassin. This causes two problems:

    1) they still get all that spam at their external account

    2) more importantly for me - the external service provider, AOL for example, sees that spam is being delivered to an aol address and that it was bounced through my server - so it identifies my server as a spam source and blocks its IP.

    This has caused real problems, because other users on my servers try sending mail to AOL accounts and have it rejected because the IP has been blocked--all because of those stupid forwarders. :mad:

    Any ideas? :confused:
     
  2. brianoz

    brianoz Well-Known Member

    Joined:
    Mar 13, 2004
    Messages:
    1,146
    Likes Received:
    6
    Trophy Points:
    38
    Location:
    Melbourne, Australia
    cPanel Access Level:
    Root Administrator
    This is a frequently discussed topic, do a search and you'll find 2 or 3 major threads on it.

    In short, there's no way to filter reliably that people have come up. Many people just disable forwarding to AOL et al.
     
  3. ajd5327

    ajd5327 Member

    Joined:
    Nov 19, 2006
    Messages:
    5
    Likes Received:
    0
    Trophy Points:
    1
    Thanks, i had done a few searches but everything that came up looked a few years old. also, none of them discussed the IP-blocking result.

    i cant see that blocking all users from forwarding to aol, et al, is a viable solution. isnt there some way to change the forwarding order? someone has to have figured this out or all cPanel servers would be getting blocked by aol, yahoo, comcast, gmail, etc.
     
  4. brianoz

    brianoz Well-Known Member

    Joined:
    Mar 13, 2004
    Messages:
    1,146
    Likes Received:
    6
    Trophy Points:
    38
    Location:
    Melbourne, Australia
    cPanel Access Level:
    Root Administrator
    What on earth do you mean by forwarding order?? :eek:
     
  5. ajd5327

    ajd5327 Member

    Joined:
    Nov 19, 2006
    Messages:
    5
    Likes Received:
    0
    Trophy Points:
    1
    i mean the order between filtering and forwarding mail, so that it filters first before forwarding
     
  6. alan-tor

    alan-tor Active Member

    Joined:
    Dec 7, 2004
    Messages:
    28
    Likes Received:
    0
    Trophy Points:
    1
    Don't allow forwarding to AOL addresses. Many web hosts now have this policy, because AOL is the biggest problem in this regard.

    AOL blocks mail from a server that sent suspected spam, but AOL doesn't check to find and block the originator of the spam. Instead it blocks even the forwarder. If someone with a domain name has mail to their domain forwarded to an AOL mailbox, and if they ever receive spam, AOL may block all mail forwarded from their domain and from the entire server. Here's another explanation, from a reseller at my host:
    Here are two more references:
    http://support.rapidsystem.net/allsupport/aol.htm
    http://support.netraising.com/support/index.php?_m=news&_a=viewnews&newsid=10

    So, don't allow forwarding to AOL addresses.

    But yes, it would be useful if SpamAssassin could be applied to mail before forwarding. Unfortunately that seems to be impossible in the current cPanel.
     
  7. ajd5327

    ajd5327 Member

    Joined:
    Nov 19, 2006
    Messages:
    5
    Likes Received:
    0
    Trophy Points:
    1
    Thanks. is there any way to actually prevent set the server not to forward mail to AOL accounts, or is it a matter of asking clients nicely not to set that up and/or manually removing those forwarders that are?
     
  8. alan-tor

    alan-tor Active Member

    Joined:
    Dec 7, 2004
    Messages:
    28
    Likes Received:
    0
    Trophy Points:
    1
    That's a good question. It would require some script to check mail forwarder destinations, and delete or disable any ending in "@aol.com". Even better would be to return an error when the user tried to save that forwarder, with a message explaining why you don't allow forwarding to AOL. I don't know how to do that, but perhaps someone else does.

    A sneaky hack would be to create a cPanel account for aol.com on each shared server. Then set all mail arriving at that account to :fail:
     
    #8 alan-tor, Nov 20, 2006
    Last edited: Nov 20, 2006
  9. ajd5327

    ajd5327 Member

    Joined:
    Nov 19, 2006
    Messages:
    5
    Likes Received:
    0
    Trophy Points:
    1
    Hmm, that might accompliish too much: while that would prevent any mail from being forwarded to aol accounts, wouldn't it block all mail from shared server accounts from arriving at aol accounts too?
     
  10. alan-tor

    alan-tor Active Member

    Joined:
    Dec 7, 2004
    Messages:
    28
    Likes Received:
    0
    Trophy Points:
    1
    Yes, it would. It's not a great solution.

    I've directed clients using AOL to those links I provided, and I explain why AOL causes many problems for web hosts and mail hosts. I've managed to convince many clients to leave AOL and switch to a real ISP.
     
  11. forlinuxsupport

    forlinuxsupport Well-Known Member
    PartnerNOC

    Joined:
    Dec 22, 2004
    Messages:
    386
    Likes Received:
    0
    Trophy Points:
    16
    cPanel Access Level:
    Root Administrator
    1. Type the following when logged in via SSH
    vi /etc/staticroutes

    2. Add entries in the format:
    domainname.com: target.mail.server
    E.g forlinux.co.uk: 1.2.3.4

    3. exit the editor.

    4. chmod 0644 /etc/staticroutes

    5. In WHM, under 'Service Configuration' choose 'Exim Configuration Editor', then click 'Switch to Advanced Editor'.

    6. Scroll down to the 'ROUTERS CONFIGURATION' section, and in the white space underneath, add the following:

    static_route:
    driver = manualroute
    condition = "${perl{checkspam}}"
    transport = remote_smtp
    route_data = ${lookup{$domain}lsearch{/etc/staticroutes}}


    7. Scroll to the bottom of the page and click 'Save' - Exim will automatically restart.

    The condition = "${perl{checkspam}}" does SPAM checking for forwarded mail, leave it out if you DONT want to scan for spam !!

    8. On the command line tail -f /var/log/exim_mainlog
    Make sure there are no errors !!!!!!!!
     
  12. alan-tor

    alan-tor Active Member

    Joined:
    Dec 7, 2004
    Messages:
    28
    Likes Received:
    0
    Trophy Points:
    1
    Perhaps you could explain that last step further.

    Has this been tested? Does it enable SpamAssassin to scan and filter mail before it is forwarded via a cPanel mail forwarder? If so, this is the first solution I've seen documented, as everyone else has said that there is no way on cPanel to apply SpamAssassin to mail forwarders.
     
  13. forlinuxsupport

    forlinuxsupport Well-Known Member
    PartnerNOC

    Joined:
    Dec 22, 2004
    Messages:
    386
    Likes Received:
    0
    Trophy Points:
    16
    cPanel Access Level:
    Root Administrator

    Hi

    Yes to all your questions. clients moaning about forward email spam, turned that on, now no more complaints :)

    Its easy enough to do, so try it and see for yourself :)

    You will need to turn spamassassin ON for that domain as it uses those settings for that domains forwarded email. so set to delete or just mark etc

    Regards
    Andy
     
  14. brianoz

    brianoz Well-Known Member

    Joined:
    Mar 13, 2004
    Messages:
    1,146
    Likes Received:
    6
    Trophy Points:
    38
    Location:
    Melbourne, Australia
    cPanel Access Level:
    Root Administrator
    That looks fantastic. Could you take a minute to explain what it does and how it works for those of us who are exim-challenged?
     
  15. forlinuxsupport

    forlinuxsupport Well-Known Member
    PartnerNOC

    Joined:
    Dec 22, 2004
    Messages:
    386
    Likes Received:
    0
    Trophy Points:
    16
    cPanel Access Level:
    Root Administrator
    Hey

    Sorry im also one of those exim-challenged folkes. I found the solution somewhere.. might even have been from a cpanel techie. Those exim configs can be tricky and I also have trouble following them.

    static_route: <- a new route
    driver = manualroute <- its a manual route ?
    condition = "${perl{checkspam}}" <- do spam checking on this route (leave this line out to just forward WITHOUT scanning)
    transport = remote_smtp <- rmote because its being forwarded
    route_data = ${lookup{$domain}lsearch{/etc/staticroutes}} <- use your staticroutes file to know where
    to forward to


    I think a more experienced exim hacker can give a better / fuller explaination.

    Regards
    Andy
     
  16. alan-tor

    alan-tor Active Member

    Joined:
    Dec 7, 2004
    Messages:
    28
    Likes Received:
    0
    Trophy Points:
    1
    I don't have a file named "staticroutes" in the etc directory of my client accounts or my reseller account. Is this something that can be enabled by a reseller who doesn't own the server? IOW, I have a reseller plan with WHM/cPanel access that I buy from the host who controls the servers and has the "master" WHM.

    Is "domainname.com" the domain/account for which you want to enable SpamAssassin before forwarding, so you do this for each domain? Or is this the reseller domain? Or the hostname of the server?

    Likewise, what is "target.mail.server"?
     
  17. forlinuxsupport

    forlinuxsupport Well-Known Member
    PartnerNOC

    Joined:
    Dec 22, 2004
    Messages:
    386
    Likes Received:
    0
    Trophy Points:
    16
    cPanel Access Level:
    Root Administrator
    hi

    just create the file
    then add entries of the format
    domain.co.uk : 213.143.x.xx

    Where domain.co.uk is the "domain.co.uk" you receive the emails on
    and 213.143.x.x is the ip of the server you want the mails to be forwarded to (e.g. an office server etc)

    :)
    Andy
     
  18. alan-tor

    alan-tor Active Member

    Joined:
    Dec 7, 2004
    Messages:
    28
    Likes Received:
    0
    Trophy Points:
    1
    Sorry, maybe I'm dense. Let's say I have a cPanel account for AlanDomain.com. Mail for Alan@AlanDomain.com would therefore first arrive at my cPanel server. I have a cPanel mail forwarder to forward mail for Alan@AlanDomain.com to bob@Gmail.com.

    1. So in your model of domain.co.uk : 213.143.x.xx, do I specify:

    AlanDomain.com : followed by the IP of Gmail's server?

    2. Is there a way to specify the final mail server as domain name rather than IP? Domain name is more usual. IP would require us to do detective work to find the IP of Gmail, Hotmail, or wherever the user was receiving the forwarded mail. Also, IP may change more often than the domain name of the final mail server.
     
    #18 alan-tor, Dec 5, 2006
    Last edited: Dec 5, 2006
  19. forlinuxsupport

    forlinuxsupport Well-Known Member
    PartnerNOC

    Joined:
    Dec 22, 2004
    Messages:
    386
    Likes Received:
    0
    Trophy Points:
    16
    cPanel Access Level:
    Root Administrator
    yes i think thats all right.

    try just put this in static routes

    AlanDomain.com : gmail.com

    ALL mail to AlanDomain.com will be forwarded.. If you only want a single email address forwarded then use email forwarders in the cpanel :)

    I think that will work.. do it then send him an email and tail the logs.. it should be relayed.

    you can also check it by doing

    exim -bt Alan@AlanDomain.com
     
  20. alan-tor

    alan-tor Active Member

    Joined:
    Dec 7, 2004
    Messages:
    28
    Likes Received:
    0
    Trophy Points:
    1
    That's not what I want. I don't want all mail for the entire domain forwarded to the same destination. I want individual mail addresses forwarded to different targets, so each user can have his mail forwarded to his ISP mailbox or other external mail account. Mail for carol@AlanDomain.com might forward to carol@Gmail.com, while mail for jim@AlanDomain.com might forward to jim@Verizon.com

    Sorry, that's what I'm talking about. I am using cPanel mail forwarders, but I would like to have that mail first scanned/filtered by SpamAssassin and cPanel/Exim mail filters before it is forwarded. Is that not possible?

    Can a reseller, like me, do that?

    Is this something that can be enabled by a reseller who doesn't own the server? IOW, I have a reseller plan with WHM/cPanel access that I buy from the host who controls the servers and has the "master" WHM. i don't have access to overall server config or server logs. I just buy a reseller account from the host who owns the servers.
     
    #20 alan-tor, Dec 6, 2006
    Last edited: Dec 6, 2006
Loading...

Share This Page