Exim ACL for blocking certain senders

Hello,

On DirectAdmin-powered servers with Exim you should have:

/etc/virtual/bad_sender_hosts
/etc/virtual/bad_sender_hosts_ip
/etc/virtual/blacklist_domains
/etc/virtual/blacklist_senders

Depending on the exim.conf version, the list might differ.

So use them to block senders.
 
I tried adding a local mail account to only blacklist_senders and restarting exim. But that account can still send mail. Why does it not work, and am I missing something?
 
I tried adding a local mail account to only blacklist_senders and restarting exim. But that account can still send mail. Why does it not work, and am I missing something?

Are you trying to block users on your system from sending email out through your server? The ACLs in the standard DirectAdmin exim.conf files (any version) won't block local senders from sending outbound email; that's not what they're designed for. Local senders are whitelisted when they log in securely.

You can suspend individual email accounts, in which case they can't send email, or you can (from the root shell) limit the total number of emails a user can send.

Or you can make custom changes to exim.conf to test incoming email from local senders before authenticated email is accepted.

Jeff
 
Yes, because mail is sent from the default user's mail account, which cannot be deleted. I want to block that account. I disabled the mail function but mails are still being sent. I tested with a simple mail form function to see if the mail send function is disabled, and it failed. So how can Joomla malware send those mails?
 
I tried adding a local mail account to only blacklist_senders and restarting exim. But that account can still send mail. Why does it not work, and am I missing something?

If you want to limit a local user in sending emails, please check this feature: http://help.directadmin.com/item.php?id=81

Though the default exim.conf/exim.pl does not allow disabling email sending for a particular user, you can always set a limit of 1 email per day for it.
 
Thank you, but that setting only affects user-created mail accounts, not the system default mail account that has no @domain.com extension. And hacked sites mostly use that account.

I found a way, but I have one thing to ask:

I created an Exim mail filter:

if $sender_address contains "default-user-account-name"
then
unseen fail
endif



But that also generates a bounce mail. I think it is OK as it is a local account. But can't I completely delete / drop the mail?
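
Before blocking or rate-limiting the default system account discussed in this thread, it helps to confirm from the Exim main log which system user is actually submitting mail locally. The following is an added example, not code from any poster in the thread: it tallies `P=local` arrivals per `U=` user. The log lines, user name, host name and message ids are constructed samples, and the function names are hypothetical.

```python
import re
from collections import Counter

# Exim main-log arrival line: "<date> <time> <msgid> <= <sender> <field=value ...>"
ARRIVAL = re.compile(r"^\S+ \S+ (?P<id>\S+) <= (?P<sender>\S+)(?P<rest>.*)$")

def local_submissions(lines):
    """Tally messages handed to Exim locally (P=local), keyed by system user (U=)."""
    counts, senders = Counter(), {}
    for line in lines:
        m = ARRIVAL.match(line)
        if not m:
            continue  # deliveries (=>), completions, rejections, etc.
        fields = {}
        for token in m["rest"].split():
            key, sep, value = token.partition("=")
            if sep:
                fields.setdefault(key, value)  # first occurrence wins
        if fields.get("P") != "local":
            continue  # SMTP arrivals, including authenticated ones
        user = fields.get("U", "?")
        counts[user] += 1
        senders.setdefault(user, set()).add(m["sender"])
    return counts, senders

def over_limit(counts, limit):
    """System users with more than `limit` local submissions in the log."""
    return sorted(user for user, n in counts.items() if n > limit)

# Constructed sample log lines (hypothetical user, host and message ids).
SAMPLE_LOG = """\
2024-05-01 10:00:01 1s1AAA-0000aa-01 <= siteuser@server.example.com U=siteuser P=local S=2101
2024-05-01 10:00:01 1s1AAA-0000aa-01 => rcpt1@example.net R=lookuphost T=remote_smtp
2024-05-01 10:00:02 1s1AAB-0000ab-02 <= siteuser@server.example.com U=siteuser P=local S=2098
2024-05-01 10:00:03 1s1AAC-0000ac-03 <= alice@example.com H=(pc) [192.0.2.10] P=esmtpsa A=login:alice@example.com S=900
2024-05-01 10:00:04 1s1AAD-0000ad-04 <= siteuser@server.example.com U=siteuser P=local S=2110
2024-05-01 10:05:00 1s1AAE-0000ae-05 <= root@server.example.com U=root P=local S=512
""".splitlines()

if __name__ == "__main__":
    counts, senders = local_submissions(SAMPLE_LOG)
    for user in over_limit(counts, limit=2):
        print(user, counts[user], sorted(senders[user]))
```

On a live server the same functions can be fed the lines of the Exim main log instead of `SAMPLE_LOG`; the log path depends on the installation.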
 