Prevent and restrict Outgoing email?

[lowhigh]

Hi everybody!

My customer is so strict, he required us so much and I need your help!
First, he want to monitor all incoming and outgoing from his email accounts. I easily have done this by following the guide to edit /etc/cpanel_exim_system_filter_custom
Like this:

# Monitor both incoming and outgoing emails.
if first_delivery
   and ("$h_to:, $h_cc:" contains "@domain.tld")
   or ("$h_from:" contains "@domain.tld")
   and ("$h_to:, $h_cc:, $h_from:" does not contain "[email protected]")
then
   unseen deliver "[email protected]"
endif

But now, he want to:
- Prevent some email accounts from his domain sending outside but still sending locally
- Restrict some other email accounts sending outside to some specific address such us only @gmail or @yahoo, other addresses is forbidden

I find on Google some suggestes to disable Outgoing mail:

logfile /var/log/filter.log 0644
if (
$received_protocol is "local" or
$received_protocol is "esmtpa"
) and (
$header_from contains "@domain1.com" or
$header_from contains "@domain2.com"
)
then
save "/dev/null" 660
endif

But i really don’t know how to do, anybody has experienced can help me?

Thanks so much!

 

[lowhigh]

i'm not good at coding, anybody can help me!

 

[cPanelTristan]

This appears to be a filter you would put for the account in /etc/vfilters/domain.com file for the domain. Please note you will also need to place a filter file at /home/username/.cpanel/filter.yaml location. Please replace domain.com with the actual domain name and username with the cPanel username in the paths noted.

I highly suggest creating an example filter in cPanel > Account Level Filtering first so you can see what /etc/vfilters/domain.com and /home/username/.cpanel/filter.yaml look like so you can appropriately edit those files for the filter in question.

 

[lowhigh]

Hi Tristan!

I find that Filtering is usefull, so i understand:
1.Account level Filtering is leaved for all email accounts and all domains under Cpanel acc
2. User level Filtering is for specific account
So, i choose User level Filtering
Select my email account and Manage Filters
My purpose is config my email account only sending locally within my domain.com and not sending outside

I have created the filter
Rules: Any recipent doesnot contain @mydomain.com
Action: Fail with messages: Cannot sending outside

And i see in the filter file is:

Exim filter

# Auto Generated by cPanel.  Do not manually edit this file as your changes will be overwritten.  If you must edit this filter, edit the corresponding .yaml file as well.

if not first_delivery and error_message then finish endif

#Rule myaccount
if
 foranyaddress $h_to:,$h_cc:,$h_bcc: ( $thisaddress does not contain "@mydomain.com" )
then
 fail "Cannot sending outside"
endif

Now,when i login webmail and create new mail, it still sending outside without any warning!
Can you show me the incorrect config i have?

 

[cPanelTristan]

You cannot create the type of filter you wanted to create using cPanel > User Level Filtering area. You must edit the filter file to use the protocols you want to allow or not allow that you provided previously.

 

[lowhigh]

Hi Tristan!

The content in the /etc/vfilter/domain.com has the same as in the filter file i have post.
I don't know why the filter at user level and account level does not work
Can U explain me and give me a example for my purpose!

 

[cPanelTristan]

You had an initial post with a different filter:

logfile /var/log/filter.log 0644
if (
$received_protocol is "local" or
$received_protocol is "esmtpa"
) and (
$header_from contains "@domain1.com" or
$header_from contains "@domain2.com"
)
then
save "/dev/null" 660
endif

Please revise the filter cPanel created as I only suggested using that filter to create an example that you would revise. I do not know the exact revision, since this is a customization. Your initial question was where to place that code and I indicated for cPanel > Account Level Filtering where to place the code. You've chosen to use cPanel > User Level Filtering instead and appear to have located the file you need to revise with the code you suggested using initially. Please feel free to test using that code you provided in your first post.