Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Need guide to create email filter (email spoofing)

Discussion in 'E-mail Discussion' started by wefrank, May 17, 2008.

  1. wefrank

    wefrank Member

    Oct 2, 2005
    Likes Received:
    Trophy Points:
    Have read the following:

    and looks like I need some pointers and assistance to create email filter for one of my clients - Recently they started filling exim queue with backscattered email bounces (which my VPS server is trying to forward, further creating problems...)

    Configuration: CPanel 11.18.3-R21703 (yes time for an upgrade...) on VPS

    Targeted email: info@myclient.1234
    which is forwarded to myclient@realdomain.5678

    I do not belive client uses this for outgoing, but would need to verify.

    Here is sample bounced email (domains and IPs masked)
    This message was created automatically by mail delivery software.

    A message that you sent could not be delivered to one or more of its
    recipients. This is a permanent error. The following address(es) failed:

    Unrouteable address

    ------ This is a copy of the message, including all the headers. ------
    ****** domains and IP addresses cleaned ****
    Return-path: <info@myclient.1234>
    Received: from [] (helo=
    by with esmtp (Exim 4.20)
    id 1JxH9D-0007kZ-QF
    for newsletter@victim.abcd; Sat, 17 May 2008 09:48:08 +0200
    Message-ID: <000901c8b7f3$041fc51d$974f2fba@nbbrgby>
    From: "Great watch Service" <info@myclient.1234>
    To: "Amazing Watches" <newsletter@victim.abcd>
    Subject: Hermes Watches

    ** spam text here **

    So, looks like I need email filter for "bounced email", to filter on
    Return-path: <info@myclient.1234>
    From: "" <info@myclient.1234>

    but do not know how to write exim filter or where to place.
    Thanks in advance for assitance or link to exim filter guide.

    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice