Block domain top level from sending emails

nservices

Verified User
Joined
Dec 11, 2008
Messages
293
Hi,
how it's possible to block emails from top level domain, for example from .ru
or from .tw

Best Regards,
 

DirectAdmin Support

Administrator
Staff member
Joined
Feb 27, 2003
Messages
8,927
Do you mean you have some .ru domains on your server in DA, and you do not wish for them to be able to send email?

John
 

DirectAdmin Support

Administrator
Staff member
Joined
Feb 27, 2003
Messages
8,927
The easiest is to edit:
/etc/exim.pl

find this subroutine:
Code:
[COLOR=#000000]sub hit_limit_user[/COLOR]


and make the first few lines look like this:
Code:
sub hit_limit_user{
    my($username) = @_;

[COLOR=#0000ff]    if ($username eq "[B]userwithrudomain[/B]") { return 1; }[/COLOR]
    
    my $count = 0;
    my $email_limit = 0;
so that the limit will always be hit for userwithrudomain (replace with the user to block).
You can add multiple of those lines, if you have many Users with ru domains.

It also wouldn't be a bad idea to lock it to prevent accidents, and make a copy:
Code:
cd /etc
cp exim.pl exim.pl.saved
chattr +i exim.pl
John


 

roarkh

Verified User
Joined
Aug 30, 2005
Messages
141
Location
Bellingham, WA
I posted a new topic a week or so ago asking how I can block all emails that are coming to my server from certain top level domains, my thread was closed and I was pointed to here (http://forum.directadmin.com/showthread.php?t=47943). However, I am a little confused by a couple things in this thread and am hoping someone can enlighten me.

First, it looks as though this thread is about blocking all outgoing email to a top level domain, not about blocking incoming email from the domain (Am I misunderstanding this? I am basing it on John's statement above, "Do you mean you have some .ru domains on your server in DA, and you do not wish for them to be able to send email?") I want to block my server from receiving any emails from certain top level domains, will these instructions work for that?

Anyway, I decided to just go ahead and test it to see and that brings me to my second bit of confusion. The version of exim.pl I am using does not seem to have a "hit_limit_user" section in it. Should it? Can I simply add the entire section somewhere in there?

Thanks in advance.
 

nobaloney

NoBaloney Internet Svcs - In Memoriam †
Joined
Jun 16, 2003
Messages
26,119
Location
California
I don't think this thread (so far) is going to help you. But you should always use the latest copy of exim.pl, which you can get here.

To block emails from countries on your you'll need to know the IP# assignments from the countries you want to block (this[nirsoft.net] may help), and then you can put them into the /etc/virtual/bad_sender_hosts_ip file (using CIDR notation). You don't have to restart anything.

Jeff
 

roarkh

Verified User
Joined
Aug 30, 2005
Messages
141
Location
Bellingham, WA
Thanks Jeff, I am digging deeper into this, upon further investigation the hosts that are hitting the server from .me and .mobi tld's are not what they initially appeared to be. When I actually started investigated the IP addresses associated with the server names in exim's logs I found that most of them are actually coming from what appear to be data centers in the United States. I think I will be able to solve much of the problem by blocking those specific ip ranges. Thanks again for your help.
 
Top