Exim Version 4.91-5 WHM version 78.0.23
There are many email domains that are receiving spams from the same source emails,
SpamAssassin is impractical as this blocks wildcard domains only on a per-account basis.
What I want to do:
-- Check a sending domain matches a set pattern or a wildcard pattern, and if so discard silently across any server account.
What I have read so far...
I have read various topics on this:
And the documentation on applying Exim rules.
- How to Customize the Exim System Filter File - cPanel Knowledge Base - cPanel Documentation
However, The example on the WHM Documentation is simple and does not reference wildcarding. I have set up a file per the documentation and reading links above, thus:
The Exim Documentation on PCRE ( Exim Specification - Regular expressions ) states that in "matches" that single backslashes are enough (rather than double) and that dollar signs do not need escaping.
And this seems to stop the "Contains" but I suspect this rule also seems to be failing for all emails. I received reports that at least one client has received no emails since this was put in place.
What I would like to achieve
I am trying to set a single cannonical location on the server to list PCRE email from accounts that should be silently blocked from all server accounts.
I need so far:
What is the best way of achieving this aim, Once I'm confident of the PCRE working I can add further domains to the list.
Thank you.
There are many email domains that are receiving spams from the same source emails,
SpamAssassin is impractical as this blocks wildcard domains only on a per-account basis.
What I want to do:
-- Check a sending domain matches a set pattern or a wildcard pattern, and if so discard silently across any server account.
What I have read so far...
I have read various topics on this:
- - Exim Blacklist Domains Issue
- - https://forums.cpanel.net/threads/block-incoming-emails-from-domain.606795/
- - deano.me/2016/05/how-to-block-emails-by-domain-in-whm-exim/
- - unix.stackexchange.com/questions/213537/regex-usage-in-exim-filtering
And the documentation on applying Exim rules.
- How to Customize the Exim System Filter File - cPanel Knowledge Base - cPanel Documentation
However, The example on the WHM Documentation is simple and does not reference wildcarding. I have set up a file per the documentation and reading links above, thus:
Code:
if
$h_from: contains "@example.com"
or $h_from: contains "@example.net"
or $h_from: matches ".*@.*\.example\.org$"
or $h_from: matches ".*@.*\.icu$"
#then noerror seen finish
then
deliver "SpamTest <[email protected]>"
seen finish
endif
And this seems to stop the "Contains" but I suspect this rule also seems to be failing for all emails. I received reports that at least one client has received no emails since this was put in place.
What I would like to achieve
I am trying to set a single cannonical location on the server to list PCRE email from accounts that should be silently blocked from all server accounts.
I need so far:
- - To block anything from @example.com (this works)
- - To block anything from @example.net (this works)
- - To block anything from any email shaped as <anything>@<anything>.example.org
- - To block anything from any email shaped as <anything>@<anything>.icu
What is the best way of achieving this aim, Once I'm confident of the PCRE working I can add further domains to the list.
Thank you.
Last edited by a moderator: