Need to modify a new cpanel exim mail filter
I am modifying a new exim mail filter as per below, all works well but.
1. wondering how to log the output to logfile /var/log/filter.log which has been created with permission 0644?
2. How would I just fail the message and not send a reply back to the spammer?
3. is there a $header_to option to stop mail sent to a specific addresses
Thanks in advance.
/etc/cpanel_exim_system_filter_new
# Filters all incoming an outgoing mail logfile /var/log/filter.log 0644
# reject spam based on email body
# logfile /var/log/filter.log 0644
if
$message_body contains "Good Day" or
$message_body contains "Hello PayPal" or
$message_body contains "Dear valued PayPal" or
$message_body contains "forward to your positive reply"
then
fail text "This message has been rejected because it looks like you are spamming us."
endif
if
$header_from contains "rezult" or
$header_from contains "secret"
then
fail text "Your email has been rejected because it looks like you are spamming us."
endif
Who is Participating?
Experts Exchange Solution brought to you by
"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.
Experts Exchange Solution brought to you by
Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.
Start your 7-day free trial
The below code now works except for the logwrite, how do I make sure make sure that the exim user is the owner of the file.
Do I specify the logfile /var/log/filter.log 0644 at the top of the code or do I have to code it just above every logwrite command?
# Filters all incoming an outgoing mail logfile /var/log/filter.log 0644
# reject spam based on email body
logfile /var/log/filter.log 0644
if
$message_body contains "Good Day" or
$message_body contains "Hello PayPal" or
$message_body contains "Dear valued PayPal" or
$message_body contains "forward to your positive reply"
then
logwrite "$tod_log $message_id processed"
seen finish
# fail text "This message has been rejected because it looks like you are spamming us."
endif
You may gave to use 0664 or even 0666 does the file exist before the specimen rule runs?
To first confirm the writing, then decide which user needs to own
Chown mail:mail /var/log/filter.log?
All working now, just had to chown cpaneleximfilter.cpanelexi
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
From novice to tech pro — start learning today.
-
Microsoft ApplicationsCertification: MCSE Microsoft Certified Systems Engineer - Securing… 324 lessons
Experts Exchange Solution brought to you by
2) you would not fail the message, but deliver/save it to /dev/null (discard the message)
and hit finish to avoid further processing.
http://exim.org/exim-html-current/doc/html/spec_html/filter_ch03.html
3) according to the above referenced document, $heather_to is likely one of such Macro/variable
you may want to test first that there is a value there before ... i.e. when a message (spam, lacks the To: designation)
I'm not as familiar, but have a sufficient background with dealing with mail server/smtp that the above might be helpful to you.