Limit a group of emails between few domains - custom email filtering - bcc filtering not working

[kssuhesh]

I have a custom requirement for managing the email delivery under my domain.

Environment :
Server: cPanel server ( Centos 7 )
My domain: myorg.com

Scenario:

In my organization ( myorg.com ) I need to limit the email delivery of one department ( say the development department ). The limiting includes delivery of incoming and outgoing mail between a few domains only. Like myorg.com can send emails only to 5 domains including myorg.com and cannot send or receive emails FROM and TO to Gmail, yahoo, etc...

I have tried to achieve the same by adding an exim custom filter. But the mails were delivered if they added outside emails in CC or BCC.

In my filter, the following condition occurs. I need to resolve the third condition. Please share your thoughts.

Conditions :
[email protected] to [email protected] - Delivered [ OK ]
[email protected] to [email protected] - blocking [OK]
[email protected] to [email protected] and CC [email protected] - Delivered to both the address [ Should be blocked, since the outside domain is there ]

We are Looking for exim custom rules or any other solution in cPanel to resolve this scenario. I have already contacted the cPanel team and they just escalated the issue telling us this needs advanced exim knowledge and customization and they will not give support for it and we need to do it ourselves.

 

[cPRex]

Hey there! That advice sounds right - there isn't any tool in the product that will allow you to easily perform that work, so the only thing we can recommend would be custom Exim filters.

We have been getting a lot of similar questions lately, so I added this post to request feedback:

Looking for feedback on recent email trends

Hello, everyone! Recently I've seen posts where server administrators would like to do the following with their email accounts: -I'd like it to be easier to configure a Smarthost -I'd like to have some domains use a Smarthost while others continue to use the local mailserver -I'd like to have...

forums.cpanel.net

so if you could add your thoughts to that I'd appreciate it!

 

[kssuhesh]

In the above scenario, the following rule worked and the mails from test@ to any domain in myorg.com, secondorg.com and thirdorg.com were working fine and mail to gmail.com failing. But if we add TO address in the allowed domains and set bcc or cc with gmail , the mail delivered. But it should have blocked.

#### Working to "TO" Address only ####
if first_delivery
and (("$h_from:" contains "[email protected]") or
("$h_from:" contains "[email protected]") or
("$h_from:" contains "[email protected]") or
("$h_from:" contains "[email protected]")
and (("$h_to" does not contain "@myorg.com") and
("$h_to" does not contain "@secondorg.com") and
("$h_to" does not contain "@thirdorg.com")
)
then
fail "Filter-1-TO Messages from $header_from is limited. $header_to is not allowed domains."
endif

So I tried adding cc and bcc in the second section, but it is not working.

#### NOT WORKING ####
if first_delivery
and (("$h_from:" contains "[email protected]") or
("$h_from:" contains "[email protected]") or
("$h_from:" contains "[email protected]") or
("$h_from:" contains "[email protected]")
and (("$h_to:, $h_cc, $h_bcc" does not contain "@myorg.com") and
("$h_to:, $h_cc, $h_bcc" does not contain "@secondorg.com") and
("$h_to:, $h_cc, $h_bcc" does not contain "@thirdorg.com")
)
then
fail "Filter-2-TO Messages from $header_from is limited. $header_to is not allowed domains."
endif

Anyone with a suggested filter code will be appreciated.