Well for some reasons .co email addresses have started showing back up again in Spam. Not sure what changed but I'd like to stop any and all emails that end in .co addresses and obviously not block .com addresses. Any thoughts?
Hmm better yet, maybe I just need to block the range of IP addresses. I've not done that before but looking in to it. I se that all these .co Spam emails come from same set of first 3 sets of numbers the same with the last three changing each message.
spam ips from .co domain are changing.
I have .co domain inside file /etc/blocked_incoming_email_domains, and all spam is blocked without exception.
I have this accumulated list from long time ago and all messages are rejected. And no complaints from customers about missed messages
just save inside /etc/blocked_incoming_email_domains , and rebuild and restart:
# /scripts/buildeximconf; service exim restart
log rejection messages are like "Sender domain is banned"
hope it helps
I have .co domain inside file /etc/blocked_incoming_email_domains, and all spam is blocked without exception.
I have this accumulated list from long time ago and all messages are rejected. And no complaints from customers about missed messages
Code:
*.accountant
*.bid
*.biz
*.business
*.buzz
*.cam
*.cf
*.christmas
*.click
*.club
*.co
*.co.kr
*.country
*.cricket
*.cyou
*.date
*.desi
*.durban
*.faith
*.fit
*.fun
*.ga
*.gdn
*.gq
*.gr
*.icu
*.kim
*.life
*.live
*.loan
*.lol
*.men
*.ml
*.mom
*.monster
*.nagoya
*.ninja
*.okinawa
*.online
*.ooo
*.pro
*.racing
*.review
*.rocks
*.site
*.space
*.stream
*.tel
*.tk
*.today
*.top
*.us
*.webcam
*.win
*.work
*.world
*.xyz
*.zip# /scripts/buildeximconf; service exim restart
log rejection messages are like "Sender domain is banned"
hope it helps
Thank you Mise!
I still don't get email notifications for messages here but you are correct, I blocked the IP address, they just moved to a different IP address but it was pretty consistant that messages were all coming from .co addresses. Three times now I've added the first 3 sets of numbers of the IP address which was blocking them for a time so came back to see if any additional solutions. Thanks for what you've shared!
I"m by no means a cpanel expert but I believe I done your steps correctly. I created a new text file in the etc folder as you mentioned and put your code lines of domains in that file. I then used the EXIM restart from WHM. Everything said okay except I did get the following warnings:
Starting clamd: LibClamAV Warning: **************************************************
LibClamAV Warning: *** The virus database is older than 7 days! ***
LibClamAV Warning: *** Please update it as soon as possible. ***
LibClamAV Warning: **************************************************
After EXIM started back up I did send a test email from a different account and verified that .com address still went through at least and now I'll keep an eye on Spam folder to hopefully never see a .co email ever again!
I still don't get email notifications for messages here but you are correct, I blocked the IP address, they just moved to a different IP address but it was pretty consistant that messages were all coming from .co addresses. Three times now I've added the first 3 sets of numbers of the IP address which was blocking them for a time so came back to see if any additional solutions. Thanks for what you've shared!
I"m by no means a cpanel expert but I believe I done your steps correctly. I created a new text file in the etc folder as you mentioned and put your code lines of domains in that file. I then used the EXIM restart from WHM. Everything said okay except I did get the following warnings:
Starting clamd: LibClamAV Warning: **************************************************
LibClamAV Warning: *** The virus database is older than 7 days! ***
LibClamAV Warning: *** Please update it as soon as possible. ***
LibClamAV Warning: **************************************************
After EXIM started back up I did send a test email from a different account and verified that .com address still went through at least and now I'll keep an eye on Spam folder to hopefully never see a .co email ever again!
well I guess I did something wrong. I just received a .co email in SPAM. These get marked ***SPAM*** but my preference is they just get discarded.
Thanks for the pointers above, just sharing that I needed to use the following regex match to block only '.co' but ensure '.com', 'co.nz' and '.com.au' continued to get delivered.
[email protected]+\.co$
Make sure your testing your filters and not inadvertently sending more than you expect to /dev/null!
[email protected]+\.co$
Make sure your testing your filters and not inadvertently sending more than you expect to /dev/null!
Attachments
You all are way over my head in experience. But I think I solved this some time ago on a different thread. Or at least, I think I fixed it for me.
Here is the from address from above: <[email protected]>
I believe my problem was "ends with" ".co" didn't work because of the '>'. So to block spam from addresses ending in ".co" I had to create 2 different filters, "ends with" ".co" and "ends with" ".co>".
It's been a long time since I discussed this with cPanel, but I seem to remember that I suggested this might be a shortcoming in global filters. But then again, I could be wrong.
YMMV.
d.
Here is the from address from above: <[email protected]>
I believe my problem was "ends with" ".co" didn't work because of the '>'. So to block spam from addresses ending in ".co" I had to create 2 different filters, "ends with" ".co" and "ends with" ".co>".
It's been a long time since I discussed this with cPanel, but I seem to remember that I suggested this might be a shortcoming in global filters. But then again, I could be wrong.
YMMV.
d.
| Thread starter | Similar threads | Forum | Replies | Date |
|---|---|---|---|---|
| T | SOLVED Global Email Filters not applying first time | 10 | ||
| S | Request for help in global email filters rejected then accepted | 1 | ||
| F | email bypassing cpanel global email filters | 1 | ||
| F | Global email filter for all websites under WHM | 1 | ||
| F | .exe file to redirect in cpanel global email filters | 3 |