Hi there - in the last few days I'm getting lots of spam to the Mailer-Daemon email address - these are not bounces but rather emails sent directly to it. How do I disable this?
Thanks.
Thanks.
exigrep Subject /var/log/exim_mainlog
2018-07-26 00:09:42 1fiXav-002d0m-8r <= [email protected] H=(domain.com) [IP.IP.IP.IP]:58358 P=smtp S=6394 [email protected] T="8\345\277\253\345\277\253 \345\212\240\344\274\201\351\271\2051960009745 \345\205\215\350\264\271\351\200\201188\347\266\265\351\207\221 \345\234\260\345\235\200554638 \345\205\270C0M \r\n\r\n\r\n\r\n\r\n\r\n\r\n\r\n\r\n\r" for [email protected]
2018-07-26 00:09:42 1fiXav-002d0m-8r SMTP connection identification D= [email protected] [email protected] M=1fiXav-002d0m-8r U=root ID=0 B=redirect_resolver
2018-07-26 00:09:42 1fiXav-002d0m-8r check_mail_permissions could not determine the sender domain [routed_domain=gmail.com message_exim_id=1fiXav-002d0m-8r sender_host_address=IP.IP.IP.IP recipients_count=1]
2018-07-26 00:09:43 1fiXav-002d0m-8r => me ([email protected], [email protected]) <[email protected]> R=virtual_user T=dovecot_virtual_delivery C="250 2.0.0 <[email protected]> 4Z2RBIdJWVvRjQkAMSDWvQ Saved"
2018-07-26 00:09:43 1fiXav-002d0m-8r ** [email protected] ([email protected], [email protected]) <[email protected]> R=lookuphost T=remote_smtp H=gmail-smtp-in.l.google.com [209.85.232.26] X=TLSv1.2:ECDHE-RSA-AES128-GCM-SHA256:128 CV=yes: SMTP error from remote mail server after end of data: 550-5.7.1 This message does not have authentication information or fails to pass\n550-5.7.1 authentication checks. To best protect our users from spam, the\n550-5.7.1 message has been blocked. Please visit\n550-5.7.1 https://support.google.com/mail/answer/81126#authentication for more\n550 5.7.1 information. y51-v6si299404qth.95 - gsmtp
2018-07-26 00:09:43 1fiXav-002d0m-8r Completed
Hello,Hi Michael - I'm confused - why is the server accepting external mail for that and routing it to me to begin with?
Documentation on the system filter file is available at:The best way to manage incoming Mailer-Daemon is to use a system Exim filter. The filter would be placed in a filename of your choice in /usr/local/cpanel/etc/exim/sysfilter/options/. A file of /usr/local/cpanel/etc/exim/sysfilter/options/postmaster would be an example.
Then in that file, you would place the filter. Please keep in mind that we do not write filters but the following is provided as a courtesy. Any modifications would need to be done by you or a systems administrator you've obtained.
if
$h_to: contains "[email protected]"
and $h_from: does not contain "[email protected]"
then
save "/dev/null" 660
endif
This filter will take any email that is to Mailer-Daemon and not from [email protected] and delete that email.
Once this file is created in /usr/local/cpanel/etc/exim/sysfilter/options/ you can log into WHM and then go to "Exim Configuration Manager" and make sure that custom filter is enabled and then scroll down and save.
This should get those emails filtered our and not be delivered.
Hello @AndyB78,/dev/null <system-filter> routing defer (-1): system_filter_file_transport is unset
then
save "/dev/null" 660
endif
then noerror seen finish
endif
Thread starter | Similar threads | Forum | Replies | Date |
---|---|---|---|---|
P | Email account is receiving lots of spam bounces | 5 | ||
I | Receiving tons of spamming emails every day | 6 | ||
![]() |
Forwarder receiving spam | 3 | ||
G | Clients receiving spam from themselves, but not being sent from server? | 4 | ||
D | Receiving Spam from a lot of IP of Servers that create email with own domains | 3 |