Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Whitelisted email getting /dev/null treatment

Discussion in 'E-mail Discussion' started by hermit, Sep 23, 2009.

  1. hermit

    hermit Active Member

    Joined:
    Sep 22, 2004
    Messages:
    35
    Likes Received:
    1
    Trophy Points:
    158
    I have a customer that can't get email from a few clients. One in particular. Log entry. It gets tagged as not spam but still gets /dev/null? WTF? I tried white listing the 207 server. Still no go.

    root@cp [/home/oooc]# cat /var/log/exim_mainlog |grep 1MqQZQ-0008A1-Pl
    2009-09-23 08:03:41 1MqQZQ-0008A1-Pl H=eu1sys200aog114.obsmtp.com [207.126.144.137] Warning: "SpamAssassin as jarotran detected message as NOT spam (-100.0)"
    2009-09-23 08:03:42 1MqQZQ-0008A1-Pl <= xyz@corusgroup.com H=eu1sys200aog114.obsmtp.com [207.126.144.137] P=smtps X=TLSv1:AES256-SHA:256 S=7046 id=5A4A8C079BD2C64DB6DD33F5E26409D205AC9A32@tssexchmail00.ce.altis.corusgroup.com T="Sescilla: Test 9-23-09..."
    2009-09-23 08:03:42 cwd=/var/spool/exim 3 args: /usr/sbin/exim -Mc 1MqQZQ-0008A1-Pl
    2009-09-23 08:03:42 1MqQZQ-0008A1-Pl => /dev/null <abc@jarotrans.com> R=central_filter T=**bypassed**
    2009-09-23 08:03:42 1MqQZQ-0008A1-Pl => /dev/null <def@jarotrans.com> R=central_filter T=**bypassed**
     
  2. MattCurry

    MattCurry Well-Known Member

    Joined:
    Aug 18, 2009
    Messages:
    275
    Likes Received:
    0
    Trophy Points:
    66
    Location:
    Houston, Tx
    Email getting /dev/null

    Hello,

    I am sorry to hear you are having issue, I would recommend checking to make sure that this is not an account level filter. That could cause these issues, if that is not that case you can also open a ticket via the link at the bottom of the post. Please let me know if you have any other questions.

    Thank you,
    Matthew Curry
     
  3. hermit

    hermit Active Member

    Joined:
    Sep 22, 2004
    Messages:
    35
    Likes Received:
    1
    Trophy Points:
    158
    I'll double check. Maybe change the order of some of their filters, but all the 'whites' first? The whitelist is at the local level as you see by the -100 score it gets.
     
  4. cPanelStephen

    cPanelStephen Active Member
    Staff Member

    Joined:
    Aug 7, 2007
    Messages:
    25
    Likes Received:
    0
    Trophy Points:
    51
    This is occurring as a result of account level filtering. You can determine this from the following log lines by focusing on the router that handled the message (see the 'R=' component of the log entry):

    Code:
    2009-09-23 08:03:42 1MqQZQ-0008A1-Pl => /dev/null <abc@jarotrans.com> R=central_filter T=**bypassed**
    2009-09-23 08:03:42 1MqQZQ-0008A1-Pl => /dev/null <def@jarotrans.com> R=central_filter T=**bypassed** 
    
    In this case, the 'central_filter' router was responsible for handling the message. This router's role is to apply the account level filters in the delivery process:

    Code:
    # Account level filtering for everything but the main account
    #
    
    central_filter:
        driver = redirect
        allow_filter
        no_check_local_user
        file = /etc/vfilters/${domain}
    ...TRUNCATED...
    
    If you happen to have a copy of the message being sent (including headers), I would recommend running it through the filter debugger.

    Code:
    exim -v -bf /etc/vfilters/${domain} < message.file
    You could also step through debugging the filters during a live SMTP process by executing:

    Code:
    exim -d-all+filter -bs
    This will launch a local SMTP session with the built-in debugger enabled, but will require you to manually issue the SMTP commands required to deliver that message.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  5. hermit

    hermit Active Member

    Joined:
    Sep 22, 2004
    Messages:
    35
    Likes Received:
    1
    Trophy Points:
    158
    I removed all of his black lists and the sender is white listed. That only leaves SA but I see nothing in the logs to indicate SA is removing it. What other user level filter could there be?
     
  6. hermit

    hermit Active Member

    Joined:
    Sep 22, 2004
    Messages:
    35
    Likes Received:
    1
    Trophy Points:
    158
    got it

    Thank you. I was a little slow on the uptake because I've only done the SA filters. I found the ones you were talking about and deleted them from the customers account.

    Thanks again.
     
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice