Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Whitelisted email getting /dev/null treatment

Discussion in 'E-mail Discussion' started by hermit, Sep 23, 2009.

  1. hermit

    hermit Active Member

    Joined:
    Sep 22, 2004
    Messages:
    35
    Likes Received:
    1
    Trophy Points:
    158
    I have a customer that can't get email from a few clients. One in particular. Log entry. It gets tagged as not spam but still gets /dev/null? WTF? I tried white listing the 207 server. Still no go.

    root@cp [/home/oooc]# cat /var/log/exim_mainlog |grep 1MqQZQ-0008A1-Pl
    2009-09-23 08:03:41 1MqQZQ-0008A1-Pl H=eu1sys200aog114.obsmtp.com [207.126.144.137] Warning: "SpamAssassin as jarotran detected message as NOT spam (-100.0)"
    2009-09-23 08:03:42 1MqQZQ-0008A1-Pl <= xyz@corusgroup.com H=eu1sys200aog114.obsmtp.com [207.126.144.137] P=smtps X=TLSv1:AES256-SHA:256 S=7046 id=5A4A8C079BD2C64DB6DD33F5E26409D205AC9A32@tssexchmail00.ce.altis.corusgroup.com T="Sescilla: Test 9-23-09..."
    2009-09-23 08:03:42 cwd=/var/spool/exim 3 args: /usr/sbin/exim -Mc 1MqQZQ-0008A1-Pl
    2009-09-23 08:03:42 1MqQZQ-0008A1-Pl => /dev/null <abc@jarotrans.com> R=central_filter T=**bypassed**
    2009-09-23 08:03:42 1MqQZQ-0008A1-Pl => /dev/null <def@jarotrans.com> R=central_filter T=**bypassed**
     
    #1 hermit, Sep 23, 2009
  2. MattCurry

    MattCurry Well-Known Member

    Joined:
    Aug 18, 2009
    Messages:
    275
    Likes Received:
    0
    Trophy Points:
    66
    Location:
    Houston, Tx
    Email getting /dev/null

    Hello,

    I am sorry to hear you are having issue, I would recommend checking to make sure that this is not an account level filter. That could cause these issues, if that is not that case you can also open a ticket via the link at the bottom of the post. Please let me know if you have any other questions.

    Thank you,
    Matthew Curry
     
    #2 MattCurry, Sep 24, 2009
  3. hermit

    hermit Active Member

    Joined:
    Sep 22, 2004
    Messages:
    35
    Likes Received:
    1
    Trophy Points:
    158
    I'll double check. Maybe change the order of some of their filters, but all the 'whites' first? The whitelist is at the local level as you see by the -100 score it gets.
     
    #3 hermit, Sep 24, 2009
  4. cPanelStephen

    cPanelStephen Active Member Staff Member

    Joined:
    Aug 7, 2007
    Messages:
    25
    Likes Received:
    0
    Trophy Points:
    51
    This is occurring as a result of account level filtering. You can determine this from the following log lines by focusing on the router that handled the message (see the 'R=' component of the log entry):

    Code:
    2009-09-23 08:03:42 1MqQZQ-0008A1-Pl => /dev/null <abc@jarotrans.com> R=central_filter T=**bypassed**
2009-09-23 08:03:42 1MqQZQ-0008A1-Pl => /dev/null <def@jarotrans.com> R=central_filter T=**bypassed**
    In this case, the 'central_filter' router was responsible for handling the message. This router's role is to apply the account level filters in the delivery process:

    Code:
    # Account level filtering for everything but the main account
#

central_filter:
    driver = redirect
    allow_filter
    no_check_local_user
    file = /etc/vfilters/${domain}
...TRUNCATED...
    If you happen to have a copy of the message being sent (including headers), I would recommend running it through the filter debugger.

    Code:
    exim -v -bf /etc/vfilters/${domain} < message.file
    You could also step through debugging the filters during a live SMTP process by executing:

    Code:
    exim -d-all+filter -bs
    This will launch a local SMTP session with the built-in debugger enabled, but will require you to manually issue the SMTP commands required to deliver that message.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #4 cPanelStephen, Oct 2, 2009
  5. hermit

    hermit Active Member

    Joined:
    Sep 22, 2004
    Messages:
    35
    Likes Received:
    1
    Trophy Points:
    158
    I removed all of his black lists and the sender is white listed. That only leaves SA but I see nothing in the logs to indicate SA is removing it. What other user level filter could there be?
     
    #5 hermit, Oct 4, 2009
  6. hermit

    hermit Active Member

    Joined:
    Sep 22, 2004
    Messages:
    35
    Likes Received:
    1
    Trophy Points:
    158
    got it

    Thank you. I was a little slow on the uptake because I've only done the SA filters. I found the ones you were talking about and deleted them from the customers account.

    Thanks again.
     
    #6 hermit, Oct 4, 2009
(You must log in or sign up to post here.)
Loading...
Similar Threads - Whitelisted email getting
  1. USA_Webmaster

    Disable lfd email alerts for whitelisted IP?

    USA_Webmaster, Oct 30, 2018, in forum: General Discussion
    Replies:
    4
    Views:
    317
    cPanelMichael
    Oct 31, 2018
  2. rahnev

    In Progress [CPANEL-26633] cPHulk is one-day blocking whitelisted address for maximum failed authentications

    rahnev, Mar 26, 2019, in forum: Security
    Replies:
    5
    Views:
    424
    cPanelMichael
    Apr 8, 2019
  3. ampapa

    Spamassassin - blacklist all TLD allow whitelisted TLD?

    ampapa, Mar 14, 2018, in forum: E-mail Discussion
    Replies:
    3
    Views:
    700
    cPanelMichael
    Mar 15, 2018
  4. jose2019

    Email timed out while receiving the initial server greeting

    jose2019, May 22, 2019 at 1:31 PM, in forum: E-mail Discussion
    Replies:
    1
    Views:
    19
    cPanelLauren
    May 22, 2019 at 3:49 PM
  5. Mark Coates

    Email stuck in queue due to faulty email address?

    Mark Coates, May 22, 2019 at 4:24 AM, in forum: E-mail Discussion
    Replies:
    4
    Views:
    49
    cPanelLauren
    May 22, 2019 at 12:55 PM

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...
    Dismiss Notice