The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Outgoing spam filter using exim

Discussion in 'E-mail Discussions' started by amal, Jun 15, 2014.

  1. amal

    amal Well-Known Member

    Joined:
    Nov 22, 2003
    Messages:
    155
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    India
    cPanel Access Level:
    Root Administrator
    We setup an outgoing spam filter using exim to block spoofed emails. Basically, this is what we did.

    Basically, this is what it does.
    It checks if the email is sent either using
    "local" ( ie, emails send using forms and scripts ) or
    "esmtpa" ( ie, emails sent after autheticating )
    and if it matches either of the 2 conditions, it checks for the from address and if it matches either ( aol, hotmail, etc ), it will block the email and append it to /var/cpanel/userhomes/cpaneleximfilter/mail/inbox

    Now, this is what we need. We need to modify the filter so that emails are sent out only if the from address is present in /etc/localdomains. That way, all spoofed spam emails from the server can be blocked. Any help on this is much appreciated. :)
     
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,854
    Likes Received:
    676
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Hello :)

    Yes, you could likely implement a rule that includes all local domain names in that custom filter. You may try searching the Exim documentation or older threads that might implement such rules. Also, have you considered using any native options such as enabling SpamAssassin for outgoing email?

    Thank you.
     
  3. amal

    amal Well-Known Member

    Joined:
    Nov 22, 2003
    Messages:
    155
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    India
    cPanel Access Level:
    Root Administrator
    We have implemented this using Exim ACLs. Also, documented it on our blog for the benefit of the community. :) - Blocking spoofed mails going out of your cPanel/WHM web hosting server

    3 points that we need to keep in mind are

    • Usernames in the format user+domain.com won't work. So, they need to change that in their email clients to username@domain.com instead
    • Mails sent from the default email account ( in the name of cPanel username ) won't work. They have to create a separate email account by the same name instead.
    • POP before SMTP won't work. But, we do not recommend turning ON this feature anyway as it's a security risk.

    Request to cPanel ==> Why can't we add a "spoofing protection" option in cPanel Exim configuration editor ? More than 75% of spam emails are spoofed. And if cPanel can block that out from servers with cPanel installed, that's going to make a significant difference to the amount of spam circulating around the world. The chances of IP Address blacklist will come down as well. :)
     
  4. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,854
    Likes Received:
    676
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Please feel free to submit a feature request for any ideas or features you think might benefit the software:

    Submit A Feature Request

    Thank you.
     
Loading...

Share This Page