Skip to main content

Managing junk TLDs in spam

Comments

11 comments

  • Can Yayo

    You can block spam from specific TLDs before your global filters are applied by using exim (the mail server) configuration or by setting up custom rules in cPanel’s email filter that process based on the sender's domain or TLD.

    0
  • rusty99

    As an end user I don't think I can edit Exim (and likely don't have the skills).

    By email filters do you mean filters attached to individual email accounts?

    There is also Blacklisting, will that take regex like  .+@.+\.xyz 

    I guess I'm trying to find what's upstream of of global filters that end users can access to deal with this issue.

     

     

    0
  • cPRex Jurassic Moderator

    If you only have access to cPanel and not root access to your server, Global Email Filters is your best bet.  You would have more access to a higher level if you owned the entire server.

    0
  • rusty99

    OK - where can I submit a feature request for this area as I think there could be an additional feature.

    0
  • cPRex Jurassic Moderator

    Features.cpanel.net in the top right corner!  I also manage that area :D

    What feature specifically were you looking to add?

    0
  • rusty99

    I have Global Email filters that pick up keywords and send them to a Spam folder. This catches 90% of spam and I can eyeball them to ensure I'm not accidentally capturing legit emails. Once I have confirmed that my filters have worked I want to move some of the capture strings to a delete without delivery, ie discard message. The issue with Global Filters it seems is that if you have multiple filters they all act equally on each email, so if say I have a junk TLD > discard but that message also has 'tinnitus' which is a keyword in another filter it is delivered spam despite the discard directive. Perhaps both are True - is this the case? It would be great to have a hierarchy, even if its just two levels where discard is a priority, so it says "If it has user defined string with a discard directive (eg junk TLD > discard) then discard without further processing, else, go to next filter". You could build a seperate Discard Global Filter Set and a Keyword Filter Set. The Discard one sits upstream of Keyword. Hope this makes sense.

    0
  • cPRex Jurassic Moderator

    Thanks for the additional details.  There's two ways you can handle the filters you create in Global Filters.

    The first option, is what I think you have happening now, where you have multiple separate filters created that are all firing at once.  There isn't a particular order as all those filters will be applied to any message that meets the criteria.

    The second option sounds more like what you want to create, which is where you can click the "+" logo inside a new filter to add options.  This will allow you to create and/or statements so the filters are handled in the order you'd like.  I've attached a screenshot showing this:

     

    Is that what you're looking to do?

    0
  • rusty99

    Thanks, I already do the second option OR for individual filters. 

    The "Current Filters" list is I think where the issue might be. Here is an example of two filters:

    Spam TLD > delete

    Keyword capture > spam folder

    As there seems to be no boolean options between Filters, I gather each incoming email is assessed against each filter? If so both are true? So the TLD I want to delete is in fact delivered as it has a capture keyword in the second filter.

     

     

     

    0
  • cPRex Jurassic Moderator

    Right - the filters work top down in the order they appear on the page. 

    0
  • rusty99

    The email filters system can be a bit opaque to an end user so I want to ensure I have the whole picture to address the issues I've mentioned in this post, so apologies for the long winded text. Please correct me if I'm wrong here.

    I’m assuming this is how Email Filters works:

    Inside Global Email Filters there is a process where you create ‘Filters’. Inside individual Filters you can create multiple Rules, ie match criteria that is processed. 

    You can create multiple Filters (I prefer to call them filter sets as they may contain multiple matches). Both Filter sets themselves and internally, their individual rules, can be ordered by drag and drop.

    Filter Rules have AND/OR Boolean options, whereas the Filters themselves seem to be AND only, so all filters are processed (equally)? So if you have one filter that sends targeted mail to /dev/null and another below it that also matches a string in the email, that is also True and gets processed to a spam folder, for example.

    So the issue is, how do you send some emails to /dev/null so they never appear in your email app, without them also appearing elsewhere, such as a spam folder you’ve set up. 

    Here is an example. I want all email with the TLD From: xxx.best to go to /dev/null which happens.

    But the From: xxx.best email also matches a catchall Filter because it has “tinnitus” in the title (or any of 20 similar catch all criteria).

    As you can see in the example below, when tested both are True and both get processed.

    Filter 1 has a Rule > From: contains xxx.best - send to /dev/null

    Filter 2 has a Rule > Subject: contains tinnitus - send to user spam folder

    Result is below:

    Headers charset "UTF-8" Save message to: /dev/null 0660 
    Deliver message to: "GLOBAL SPAM" @user.net
    Filtering set up at least one significant delivery or other action. No other deliveries will occur.

    What I want is more like IF/ELSE where it says:
    If From: contains xxx.best is True, process to /dev/null and do not process further
    Else,
    Process next filter

    Is there a way of achieving this through any means in cPanel for an end user?

    0
  • cPRex Jurassic Moderator

    Thanks for the clear description.  I don't have a way to make if/then filter type statements on end user messages at this time.  This sounds like it would be an excellent feature request if you'd like to submit one over at features.cpanel.net.  I also manage that area and I'll be sure that gets seen by the team!

     

    0

Please sign in to leave a comment.