Global email filters override Default Address

Hello, To fight spam I've set up multiple "Global Email Filters" for a domain, however these filters now appear to have overridden the "Default Address = Discard" setting that I have in place! This means that if get an email with a 'bad word' in its body and sent to anything@my-domain.co.uk the bad word gets matched by my filter uneccessarily instead of using its default address and the email being discarded immediately.

Can you explain why my Default Address (Discard) is being overridden by filters? I presume it's the way cPanel works - but surely there has to be a way to place the Default Address first, and then to stop processing global email filters?

Thanks in advance.

 

Hello, I have many filters, is this of relevance? As I said it appears 'ANY' global filter rule that is added will override a users 'Default Address' Discard setting. I believe cpanel shouldn't work this way really, or there should be at least the option of placing the Default Address/discard above all filters. OK so anyway here's one of my rules -

Filter Name: SPAM Body

Body (matches regex):
(?<!=)==(?!=)|(?-i)回|V2FudCBzZXgg|(?i)Vi\/agra|pussy|****|Good\s?day!|porno|girlfriend|keylogger|\$1500|Cialis|hacked|garantie|apporter|appartient|Lyft|sexual|envoyant|sexy|Cilais|Levtira|Vigara|sensual|Online\s?Pharmacy|Debt\s?Relief|TERMINIX|antiviruses|bored

Actions1 (Redirect to email):
spam@my-domain.co.uk

Actions2 (Stop processing more rules)

 

Thanks for this, it's what I thought. Is there a way to get around this so that the Default Address (discard) is actioned prior to my filter rules? eg. Maybe creating a new 'regex' filter rule that mimics what cpanel Default Address/discard should be doing. Basically I would like a regex rule to:

Filter Rule = Match all emails sent to: "does-not-exist@my-domain.co.uk"
Action = Discard
Action = Stop processing more rules

It would be really great if some genius out there could come up with a solid solution as I've spent so many days trying resolve this with no joy. My regex skills a very limited and i've hunted high and low on Google too. Thanks!

 

Hi Lauren, I was hoping that you could be a bit more specific if possible please, I'm not that great at regex especially of the Perl variety! I was looking for something like this -

Email To (matches regex): If Does Not Match This (john OR peter OR luke @mydomain.co.uk)
Action: Discard

Eg. So john123@mydomain.co.uk would be discarded but
john@mydomain.co.uk or peter@mydomain.co.uk or luke@mydomain.co.uk would be accepted for delivery.

Many thanks!

 

UPDATE: I've now managed to create a good regex rule to filter spam via cPanel email filters, I shall post it here to help others in my next response. I'm just adding final touches to it and wondered if anyone is able to tell me how to use 'word boundaries' in cpanel global email filters, I know cPanel uses PERL regex but I just can't get my code to work! Please show me how to match the text highlighted in red in the string below:

Match:
PCFkb2N9eXBlIGh0bWw+DQo8aHRt

Perl Regex:
What I have already: Fkb2N9.*
What did not work: \BFkb2N9\B

Basically if a spam email contains Fkb2N9 in a long Base64 string then I can deal with it, probably quarantine or disregard it as junk.