exigrep Subject /var/log/exim_mainlog
2018-07-26 00:09:42 1fiXav-002d0m-8r <= [email protected] H=(domain.com) [IP.IP.IP.IP]:58358 P=smtp S=6394 [email protected] T="8\345\277\253\345\277\253 \345\212\240\344\274\201\351\271\2051960009745 \345\205\215\350\264\271\351\200\201188\347\266\265\351\207\221 \345\234\260\345\235\200554638 \345\205\270C0M \r\n\r\n\r\n\r\n\r\n\r\n\r\n\r\n\r\n\r" for [email protected] 2018-07-26 00:09:42 1fiXav-002d0m-8r SMTP connection identification D= [email protected] [email protected] M=1fiXav-002d0m-8r U=root ID=0 B=redirect_resolver 2018-07-26 00:09:42 1fiXav-002d0m-8r check_mail_permissions could not determine the sender domain [routed_domain=gmail.com message_exim_id=1fiXav-002d0m-8r sender_host_address=IP.IP.IP.IP recipients_count=1] 2018-07-26 00:09:43 1fiXav-002d0m-8r => me ([email protected], [email protected]) <[email protected]> R=virtual_user T=dovecot_virtual_delivery C="250 2.0.0 <[email protected]> 4Z2RBIdJWVvRjQkAMSDWvQ Saved" 2018-07-26 00:09:43 1fiXav-002d0m-8r ** [email protected] ([email protected], [email protected]) <[email protected]> R=lookuphost T=remote_smtp H=gmail-smtp-in.l.google.com [188.8.131.52] X=TLSv1.2:ECDHE-RSA-AES128-GCM-SHA256:128 CV=yes: SMTP error from remote mail server after end of data: 550-5.7.1 This message does not have authentication information or fails to pass\n550-5.7.1 authentication checks. To best protect our users from spam, the\n550-5.7.1 message has been blocked. Please visit\n550-5.7.1 https://support.google.com/mail/answer/81126#authentication for more\n550 5.7.1 information. y51-v6si299404qth.95 - gsmtp 2018-07-26 00:09:43 1fiXav-002d0m-8r Completed
Documentation on the system filter file is available at:The best way to manage incoming Mailer-Daemon is to use a system Exim filter. The filter would be placed in a filename of your choice in /usr/local/cpanel/etc/exim/sysfilter/options/. A file of /usr/local/cpanel/etc/exim/sysfilter/options/postmaster would be an example.
Then in that file, you would place the filter. Please keep in mind that we do not write filters but the following is provided as a courtesy. Any modifications would need to be done by you or a systems administrator you've obtained.
$h_to: contains "[email protected]"
and $h_from: does not contain "[email protected]"
save "/dev/null" 660
This filter will take any email that is to Mailer-Daemon and not from [email protected] and delete that email.
Once this file is created in /usr/local/cpanel/etc/exim/sysfilter/options/ you can log into WHM and then go to "Exim Configuration Manager" and make sure that custom filter is enabled and then scroll down and save.
This should get those emails filtered our and not be delivered.
|Thread starter||Similar threads||Forum||Replies||Date|
|Forwarder receiving spam||E-mail Discussion||3|
|G||Clients receiving spam from themselves, but not being sent from server?||E-mail Discussion||4|
|D||Receiving Spam from a lot of IP of Servers that create email with own domains||E-mail Discussion||3|
|F||Clients receiving spam from themselves, but not being sent from server?||E-mail Discussion||1|
|R||Receiving Spam||E-mail Discussion||6|