adding TLD to Exim Blacklist
-
I found this on another site, whilst not exactly what I was looking to achieve, it should hopefully provide the same result. cPanel comes stock with a number of ACLs and tuneables to help reduce the amount of unwanted email into your server. At present, there are not a lot of controls on the Exim side that allow for blocking specific email addresses or servers. While you can easily use the integrated SpamAssassin controls on a per-cPanel account basis, it’s generally less resource-intensive to handle these blocks at SMTP time.
cPanel’s implementation of Exim is set to automatically load filters from an include directory. This directory is located here:
/usr/local/cpanel/etc/exim/sysfilter/options/
Any files you drop in here will be included into the Exim filter. First, create a file in this folder. You can name it anything you want, but we’ll call ours inbound_tld_block:
/usr/local/cpanel/etc/exim/sysfilter/options/inbound_tld_block
In this file, add the following filter, replacing .tld with the actual TLD you want to block:
if first_delivery
and ("$h_to:, $h_cc:" contains ".tld")
or ("$h_from:" contains ".tld")
then
seen finish
endif
Now go into WHM -> Exim Configuration Manager -> Basic Editor -> Filters, and you should see the new filter listed:
** Custom Filter: inbound_tld_block
If it’s not already enabled, enable it here and then save.0 -
Hello, Let us know if that solution helps. Thank you. 0 -
Hello, Let us know if that solution helps. Thank you.
I am not OP, but I had the similar issue, and the provided solution works like a charm (I've blocked .top .xyz .pw .icu TLDs) So yes, it works for me. Thank you!0 -
I now use CSF mailscanner. It makes the job so much easier. 0 -
How do we block all domains which have only numbers in it? Can we add regex in this script? E.g. 1234.com, 2319.com etc 0 -
I am not OP, but I had the similar issue, and the provided solution works like a charm (I've blocked .top .xyz .pw .icu TLDs) So yes, it works for me. Thank you!
How do you add multiple tld's using that code?0 -
There might be a better way but this appears to work for multiple tlds: if first_delivery and ("$h_to:, $h_cc:" contains ".xyz") or ("$h_from:" contains ".xyz") then seen finish endif if first_delivery and ("$h_to:, $h_cc:" contains ".top") or ("$h_from:" contains ".top") then seen finish endif A question though: How can I stop the system from sending "delivery cancelled" bounces to the sender for those tlds? A lot of them are undeliverable and just sit in the queue until they time out. 0 -
I don't work for or acsscociated with CSF, but mailscanner is about $60. It makes this job so much easier. 0 -
It is a bit easier, but how about the resources? Will it need more CPU/RAM to add the rules in MailScanner or in Exim? 0 -
Good question. All I can add to this is that I don't see any adverse performance. However, I only have about 10 domains, and 8 of those see very little traffic. 0 -
I don't work for or acsscociated with CSF, but mailscanner is about $60. It makes this job so much easier.
Yes it does, and it's just one time payment. I always order ConfigServer Server Services + MailScanner to every new server.0 -
i have one WHM server and this solution doesn't work for me. I tried using the filters and I also tried Mailscanner to deny .icu extension. In this moment i have both exim filter and mailscanner blacklist for *@*.icu but i still see a lot of emails daily form .icu domains in the queue. Any ideeas what to do? Thanks. 0 -
i have one WHM server and this solution doesn't work for me. I tried using the filters and I also tried Mailscanner to deny .icu extension. In this moment i have both exim filter and mailscanner blacklist for *@*.icu but i still see a lot of emails daily form .icu domains in the queue. Any ideeas what to do? Thanks.
WHM > Email > Filter Incoming Emails by Domain *.example.com *.icu etc...0 -
ok, i will try this. thanks. 0
Please sign in to leave a comment.
Comments
14 comments