Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Whitelisted email getting /dev/null treatment

Discussion in 'E-mail Discussions' started by hermit, Sep 23, 2009.

  1. hermit

    hermit Active Member

    Joined:
    Sep 22, 2004
    Messages:
    35
    Likes Received:
    1
    Trophy Points:
    158
    I have a customer that can't get email from a few clients. One in particular. Log entry. It gets tagged as not spam but still gets /dev/null? WTF? I tried white listing the 207 server. Still no go.

    root@cp [/home/oooc]# cat /var/log/exim_mainlog |grep 1MqQZQ-0008A1-Pl
    2009-09-23 08:03:41 1MqQZQ-0008A1-Pl H=eu1sys200aog114.obsmtp.com [207.126.144.137] Warning: "SpamAssassin as jarotran detected message as NOT spam (-100.0)"
    2009-09-23 08:03:42 1MqQZQ-0008A1-Pl <= xyz@corusgroup.com H=eu1sys200aog114.obsmtp.com [207.126.144.137] P=smtps X=TLSv1:AES256-SHA:256 S=7046 id=5A4A8C079BD2C64DB6DD33F5E26409D205AC9A32@tssexchmail00.ce.altis.corusgroup.com T="Sescilla: Test 9-23-09..."
    2009-09-23 08:03:42 cwd=/var/spool/exim 3 args: /usr/sbin/exim -Mc 1MqQZQ-0008A1-Pl
    2009-09-23 08:03:42 1MqQZQ-0008A1-Pl => /dev/null <abc@jarotrans.com> R=central_filter T=**bypassed**
    2009-09-23 08:03:42 1MqQZQ-0008A1-Pl => /dev/null <def@jarotrans.com> R=central_filter T=**bypassed**
     
    #1 hermit, Sep 23, 2009
  2. MattCurry

    MattCurry Well-Known Member

    Joined:
    Aug 18, 2009
    Messages:
    275
    Likes Received:
    0
    Trophy Points:
    66
    Location:
    Houston, Tx
    Email getting /dev/null

    Hello,

    I am sorry to hear you are having issue, I would recommend checking to make sure that this is not an account level filter. That could cause these issues, if that is not that case you can also open a ticket via the link at the bottom of the post. Please let me know if you have any other questions.

    Thank you,
    Matthew Curry
     
    #2 MattCurry, Sep 24, 2009
  3. hermit

    hermit Active Member

    Joined:
    Sep 22, 2004
    Messages:
    35
    Likes Received:
    1
    Trophy Points:
    158
    I'll double check. Maybe change the order of some of their filters, but all the 'whites' first? The whitelist is at the local level as you see by the -100 score it gets.
     
    #3 hermit, Sep 24, 2009
  4. cPanelStephen

    cPanelStephen Active Member
    Staff Member

    Joined:
    Aug 7, 2007
    Messages:
    25
    Likes Received:
    0
    Trophy Points:
    51
    This is occurring as a result of account level filtering. You can determine this from the following log lines by focusing on the router that handled the message (see the 'R=' component of the log entry):

    Code:
    2009-09-23 08:03:42 1MqQZQ-0008A1-Pl => /dev/null <abc@jarotrans.com> R=central_filter T=**bypassed**
2009-09-23 08:03:42 1MqQZQ-0008A1-Pl => /dev/null <def@jarotrans.com> R=central_filter T=**bypassed**
    In this case, the 'central_filter' router was responsible for handling the message. This router's role is to apply the account level filters in the delivery process:

    Code:
    # Account level filtering for everything but the main account
#

central_filter:
    driver = redirect
    allow_filter
    no_check_local_user
    file = /etc/vfilters/${domain}
...TRUNCATED...
    If you happen to have a copy of the message being sent (including headers), I would recommend running it through the filter debugger.

    Code:
    exim -v -bf /etc/vfilters/${domain} < message.file
    You could also step through debugging the filters during a live SMTP process by executing:

    Code:
    exim -d-all+filter -bs
    This will launch a local SMTP session with the built-in debugger enabled, but will require you to manually issue the SMTP commands required to deliver that message.
     
    #4 cPanelStephen, Oct 2, 2009
  5. hermit

    hermit Active Member

    Joined:
    Sep 22, 2004
    Messages:
    35
    Likes Received:
    1
    Trophy Points:
    158
    I removed all of his black lists and the sender is white listed. That only leaves SA but I see nothing in the logs to indicate SA is removing it. What other user level filter could there be?
     
    #5 hermit, Oct 4, 2009
  6. hermit

    hermit Active Member

    Joined:
    Sep 22, 2004
    Messages:
    35
    Likes Received:
    1
    Trophy Points:
    158
    got it

    Thank you. I was a little slow on the uptake because I've only done the SA filters. I found the ones you were talking about and deleted them from the customers account.

    Thanks again.
     
    #6 hermit, Oct 4, 2009
(You must log in or sign up to post here.)
Loading...
Similar Threads - Whitelisted email getting
  1. Wabun

    SOLVED Googles IP are whitelisted, why and where?

    Wabun, Jan 31, 2017, in forum: Security
    Replies:
    7
    Views:
    418
    cPanelMichael
    Feb 6, 2017
  2. Nicholas-MAH

    Emails sent from forms issue

    Nicholas-MAH, Sep 21, 2017 at 12:00 AM, in forum: E-mail Discussions
    Replies:
    5
    Views:
    60
    cPanelMichael
    Sep 21, 2017 at 12:48 PM
  3. edavis90

    locally hosted email

    edavis90, Sep 20, 2017 at 12:16 PM, in forum: E-mail Discussions
    Replies:
    3
    Views:
    35
    cPanelMichael
    Sep 20, 2017 at 2:01 PM
  4. ClarkRL27

    auto reply to non existing email addresses

    ClarkRL27, Sep 19, 2017 at 9:06 PM, in forum: E-mail Discussions
    Replies:
    1
    Views:
    23
    cPanelMichael
    Sep 20, 2017 at 7:00 AM
  5. hassan777

    Catch-all email of wildcard subdomain

    hassan777, Sep 19, 2017 at 1:58 AM, in forum: E-mail Discussions
    Replies:
    1
    Views:
    34
    cPanelMichael
    Sep 19, 2017 at 10:47 AM

Share This Page