Limit a group of emails between few domains - custom email filtering - bcc filtering not working

kssuhesh

Active Member
Jan 11, 2009
26
8
128
Kochi
cPanel Access Level
Root Administrator
Twitter
I have a custom requirement for managing the email delivery under my domain.

Environment :
Server: cPanel server ( Centos 7 )
My domain: myorg.com

Scenario:

In my organization ( myorg.com ) I need to limit the email delivery of one department ( say the development department ). The limiting includes delivery of incoming and outgoing mail between a few domains only. Like myorg.com can send emails only to 5 domains including myorg.com and cannot send or receive emails FROM and TO to Gmail, yahoo, etc...

I have tried to achieve the same by adding an exim custom filter. But the mails were delivered if they added outside emails in CC or BCC.

In my filter, the following condition occurs. I need to resolve the third condition. Please share your thoughts.

Conditions :
[email protected] to [email protected] - Delivered [ OK ]
[email protected] to [email protected] - blocking [OK]
[email protected] to [email protected] and CC [email protected] - Delivered to both the address [ Should be blocked, since the outside domain is there ]

We are Looking for exim custom rules or any other solution in cPanel to resolve this scenario. I have already contacted the cPanel team and they just escalated the issue telling us this needs advanced exim knowledge and customization and they will not give support for it and we need to do it ourselves.
 
Last edited by a moderator:

cPRex

Jurassic Moderator
Staff member
Oct 19, 2014
11,032
1,741
363
cPanel Access Level
Root Administrator
Hey there! That advice sounds right - there isn't any tool in the product that will allow you to easily perform that work, so the only thing we can recommend would be custom Exim filters.

We have been getting a lot of similar questions lately, so I added this post to request feedback:


so if you could add your thoughts to that I'd appreciate it!
 

kssuhesh

Active Member
Jan 11, 2009
26
8
128
Kochi
cPanel Access Level
Root Administrator
Twitter
In the above scenario, the following rule worked and the mails from [email protected] to any domain in myorg.com, secondorg.com and thirdorg.com were working fine and mail to gmail.com failing. But if we add TO address in the allowed domains and set bcc or cc with gmail , the mail delivered. But it should have blocked.

#### Working to "TO" Address only ####
if first_delivery
and (("$h_from:" contains "[email protected]") or
("$h_from:" contains "[email protected]") or
("$h_from:" contains "[email protected]") or
("$h_from:" contains "[email protected]")
and (("$h_to" does not contain "@myorg.com") and
("$h_to" does not contain "@secondorg.com") and
("$h_to" does not contain "@thirdorg.com")
)
then
fail "Filter-1-TO Messages from $header_from is limited. $header_to is not allowed domains."
endif
So I tried adding cc and bcc in the second section, but it is not working.

#### NOT WORKING ####
if first_delivery
and (("$h_from:" contains "[email protected]") or
("$h_from:" contains "[email protected]") or
("$h_from:" contains "[email protected]") or
("$h_from:" contains "[email protected]")
and (("$h_to:, $h_cc, $h_bcc" does not contain "@myorg.com") and
("$h_to:, $h_cc, $h_bcc" does not contain "@secondorg.com") and
("$h_to:, $h_cc, $h_bcc" does not contain "@thirdorg.com")
)
then
fail "Filter-2-TO Messages from $header_from is limited. $header_to is not allowed domains."
endif
Anyone with a suggested filter code will be appreciated.