Need to modify a new cpanel exim mail filter

sabecs
sabecs used Ask the Experts™
on
Hi,
I am modifying a new exim mail filter as per below, all works well but.

1. wondering how to log the output to logfile /var/log/filter.log which has been created with permission 0644?

2. How would I just fail the message and not send a reply back to the spammer?

3. is there a $header_to option to stop mail sent to a specific addresses

Thanks in advance.

/etc/cpanel_exim_system_filter_new


# Filters all incoming an outgoing mail logfile /var/log/filter.log 0644
# reject spam based on email body
# logfile /var/log/filter.log 0644 

if
    $message_body contains "Good Day" or
    $message_body contains "Hello PayPal" or
    $message_body contains "Dear valued PayPal" or
    $message_body contains "forward to your positive reply"
then
    fail text "This message has been rejected because it looks like you are spamming us."
endif

if
    $header_from contains "rezult" or 
    $header_from contains "secret"  
then
    fail text "Your email has been rejected because it looks like you are spamming us."
endif

Open in new window

Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Distinguished Expert 2017
Commented:
1)644 permissions are not the issue, who the file's owner is the important point. Make sure that the exim user is the owner of the file and you are set. Make sure to setup logrotate for this file to maintain/manage the amount of space these logs consume.

2) you would not fail the message, but deliver/save it to /dev/null (discard the message)
and hit finish to avoid further processing.
http://exim.org/exim-html-current/doc/html/spec_html/filter_ch03.html

3) according to the above referenced document, $heather_to is likely one of such Macro/variable
you may want to test first that there is a value there before ... i.e. when a message (spam, lacks the To: designation)

I'm not as familiar, but have a sufficient background with dealing with mail server/smtp that the above might be helpful to you.

Author

Commented:
Thanks for you help Arnold, much appreciated.

The below code now works except for the logwrite, how do I make sure make sure that the exim user is the owner of the file.

Do I specify the  logfile /var/log/filter.log 0644 at the top of the code or do I have to code it just above every logwrite  command?
# Filters all incoming an outgoing mail logfile /var/log/filter.log 0644
# reject spam based on email body
    logfile /var/log/filter.log 0644 

if
    $message_body contains "Good Day" or
    $message_body contains "Hello PayPal" or
    $message_body contains "Dear valued PayPal" or
    $message_body contains "forward to your positive reply"
then
    logwrite "$tod_log $message_id processed"
    seen finish
#   fail text "This message has been rejected because it looks like you are spamming us."
endif

Open in new window

Distinguished Expert 2017
Commented:
ls -l /var/log/filter.log?

You may gave to use 0664 or even 0666 does the file exist before the specimen rule runs?
To first confirm the writing, then decide which user needs to own
Chown mail:mail /var/log/filter.log?

Author

Commented:
Thanks Arnold, much appreciated.
All working now, just had to chown cpaneleximfilter.cpaneleximfilter /var/log/filter.log

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial