block top level domain

torment

Verified User
Joined
Jan 10, 2007
Messages
13
Hi,
i want block top level domains like *.date or *.loan , i have added this in blacklist_* , but thats not helped me.
i have try with system_filter.exim this was negative too.

.date
.loan
*.date
*.loan

Please any advise ?
 

Erulezz

Verified User
Joined
Sep 14, 2015
Messages
441
Location
Arnhem, NL
To block incoming emails from TLD for a specific user go to:

User Level -> SpamAssassin -> E-mail blacklist

Enter one per line:

*@*.loan
*@*.date
This is for specific users, I don't know exactly how to block these system wide.
 

ditto

Verified User
Joined
Apr 27, 2009
Messages
2,580
To block them globally add it to /etc/virtual/blacklist_domains - for example add:

*.date

It works for me.
 

Richard G

Verified User
Joined
Jul 6, 2008
Messages
5,021
Location
Maastricht
The way ditto says is indeed the easiest and works fine. Next to that in contrary to exim.pl it won't be overwritten by an update.
I've got those in there too, works fine indeed:
*.date
*.loan
*.website
 

torment

Verified User
Joined
Jan 10, 2007
Messages
13
i have added like this and make this but nothing change :(

/etc/virtual/blacklist_domains
.date
.loan
*.date
*.loan
*@*.loan
*@*.date
 

torment

Verified User
Joined
Jan 10, 2007
Messages
13
off course i have restart exim , what i make :

/etc/virtual/blacklist_domains
.date
.loan
*.date
*.loan
*@*.loan
*@*.date

add this line to exim.pl link

if ($username eq "userwithrudomain") { return 1; }

after 2 days %80 blocked .date spam mails.
 

zEitEr

Super Moderator
Joined
Apr 11, 2005
Messages
14,255
Location
GMT +7.00
There is no need to use it at all. It was an example with a fake username:

Code:
if ($username eq "userwithrudomain") { return 1; }
and here
userwithrudomain should be replaced by a real username for which you want to block SMTP.
 

torment

Verified User
Joined
Jan 10, 2007
Messages
13
There is no need to use it at all. It was an example with a fake username:

Code:
if ($username eq "userwithrudomain") { return 1; }
and here
userwithrudomain should be replaced by a real username for which you want to block SMTP.
i have add this line for example, really look like this;

if ($username eq "*.date") { return 1; }
if ($username eq ".date") { return 1; }
 

zEitEr

Super Moderator
Joined
Apr 11, 2005
Messages
14,255
Location
GMT +7.00
Do you really have hosting users on your server with names "*.date" and/or ".date"? Username and domain name are different words, and they have different meanings.

The file /etc/virtual/blacklist_domains is what you need to use, if the things do not work as they should make sure you've got the latest exim.conf 4.5x and the file /etc/virtual/blacklist_domains has the correct permissions:

Code:
[/COLOR]-r--r-----. 1 mail mail 27 Jun 18  2017 /etc/virtual/blacklist_domains
if still emails are not blocked, then you need to check email headers, as they might have different domain in "envelope-from" and "from" headers. Exim tests matches against sender's domain, and sender addresses are easily, and commonly, forged.

Exim on Directadmin servers is configured to use nwildlsearch to find matches in /etc/virtual/blacklist_domains. It means each key in the file may be wildcarded domain. The file should contain domains, not email addresses, i.e. lines without @ should be used.
 

zEitEr

Super Moderator
Joined
Apr 11, 2005
Messages
14,255
Location
GMT +7.00
Hello,

To block them globally add it to /etc/virtual/blacklist_domains - for example add:

*.date

It works for me.
I'm not sure what I did wrong this way it did not work for me. Is still working for you under exim.conf 4.5? In my case emails are not blocked if their `from` header contains an address with domain.date

The files


* /etc/virtual/blacklist_domains
* /etc/virtual/blacklist_senders


does not work with masks:


Code:
*@*.date
*.date
in my case.
 

Richard G

Verified User
Joined
Jul 6, 2008
Messages
5,021
Location
Maastricht
Well I'm very confused now.

Jeff also wrote in the past that Wildcards wouldn't work.
But in another thread of my I had the same problem and Directadmin Support wrote that I had to use wildcards?
https://forum.directadmin.com/showthread.php?t=55306&p=283397#post283397

I pointed out the answer which Jeff gave and this is what DA support answered to that:
The exim.conf versions have come a long way; they now support wildcards in certain areas. Just check the exim.conf to see if the load of the file in question is nwildsearch or something containing "wild".
I had them for a long time, I thought they were working.
 

ditto

Verified User
Joined
Apr 27, 2009
Messages
2,580
Without studying the log files, I can't say for sure. But I _think_ wildcard on top level domains (*.date) in /etc/virtual/blacklist_domains still works for me, as I have not seen any spam from the top level domains that I have blocked. I am running exim.conf 4.5.12
 
Last edited:

Richard G

Verified User
Joined
Jul 6, 2008
Messages
5,021
Location
Maastricht
I don't want to give the impression that I don't believe people. I can't test it very good myself. It seems to work.

I just want to say that if it does not work, then according to the reply's of DA staff, it must be a bug or something.
 

solokazama

New member
Joined
Feb 9, 2018
Messages
4
Sorry for answering old thread but wanted to block top level domain and wildcards worked:

blocked domain (its a free spam domain): *.ICU


2019-04-22 15:00:59 H=archivist.arkeolojimsi.com (archivist.jansewasociety.icu) [185.149.235.12] F=<jadwigaqdphfddflis@jansewasociety.icu> rejected RCPT <xxx@xxxxxxx>: 554 denied. 5.7.1 Domain Blocked due to SPAM

in:
/etc/virtual/blacklist_domains

added line (it has more lines of course):
*.icu

all seems to work fine

DA version 1.51.3
 
Top