How to block an email domain in EXIM (Incoming mail)

One of the biggest problems for an administrator of e-mail servers is SPAM, especially from domains that send messages from countries like Russia and China. In this tutorial you will see how to block an email domain in EXIM for incoming email messages.

Filtering by IP is quite difficult, especially when there are a few thousand addresses and they are not included in a global SPAM list. I have seen, however, that many messages come from qq.com, a domain that uses a lot of IPs and sends SPAM globally.

If we identify the source domain from which these messages are sent and we have access to the EXIM service configuration, automatic rejection can be set up. This means that messages sent from a specific domain name or email address can be automatically rejected. Basically, this is how you block an email domain in EXIM manually, if you don't have software installed on the server that can do this.

How to block an email domain in EXIM (Incoming mail)

To set EXIM to automatically reject messages received from one or more domain names, email addresses or even TLDs (.cn, .in, .io, etc…), first of all you must have full access to the e-mail server and make sure that e-mail messages are transported through the EXIM service.

By the way, EXIM is the most widely used mail service globally on Linux servers.

1. Locate the file "exim.conf" and open it in a text editor for Linux. The name may vary depending on the version of EXIM being used.

 nano /etc/exim.conf 

2. In exim.conf add the following lines for ACL (Access Control Lists).

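 # Goes in the ACL section (after "begin acl"). The main section must contain
 # "acl_smtp_data = acl_check_data" for this ACL to run after DATA.
 # If acl_check_data already exists, add only the deny line above its accept.
 acl_check_data:
 deny senders = /etc/deny_senders
 accept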

Save the file after adding the lines above.

3. Create a new file named "deny_senders", in which you add the domains, e-mail addresses or TLDs from which you no longer wish to receive e-mail messages:

  nano /etc/deny_senders

Add the domains from which e-mail messages will be rejected automatically.

 *@qq.com
 *.cn
 spam@address.ja

4. Save the file and restart Exim.

systemctl restart exim

This is a very simple method by which you block an email domain in EXIM (Incoming mail).

The result in the server will look like this:

 tail -f /var/log/exim.log

 1eYSPn-0006oJ-2U H=(qq.com) [180.117.215.50] F=<859589201@qq.com> rejected after DATA
 1eYSQJ-0006ok-FN H=(aplongsheng.com) [113.117.106.33] F=<494914775@qq.com> rejected after DATA
 1eYSQU-0006pT-F6 H=(cdadsj.com) [118.248.236.18] F=<1121060958@qq.com> rejected after DATA
 1eYSSQ-0006ux-QB H=(qq.com) [125.125.211.88] F=<952192884@qq.com> rejected after DATA

It's the simplest option if you are hit by waves of SPAM coming from China, India, Russia or other areas of the globe. However, before blocking a domain name or a TLD, make sure you do not have partners or collaborators who can contact you from these addresses.
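To check for such partners before restarting Exim, the following added example (not part of the original tutorial) lists the senders of already accepted mail that a proposed deny list would reject. It approximates Exim's matching with shell globs for the three pattern styles used above; the function names are hypothetical and the sample log lines are constructed.

```sh
#!/bin/sh
# Added example, not from the original article. Function names are hypothetical.
# Approximates Exim address-list matching for the pattern styles used in
# /etc/deny_senders on this page: *@domain, *.tld and a full address.

# matches_deny ADDRESS PATTERN_FILE -> exit status 0 if a pattern matches
matches_deny() {
    addr=$(printf '%s' "$1" | tr 'A-Z' 'a-z')
    while IFS= read -r pat || [ -n "$pat" ]; do
        pat=$(printf '%s' "$pat" | tr -d ' \t\r' | tr 'A-Z' 'a-z')
        case "$pat" in ''|'#'*) continue ;; esac        # skip blanks and comments
        case "$pat" in *@*) ;; *) pat="*@$pat" ;; esac  # bare domain = any local part
        case "$addr" in $pat) return 0 ;; esac          # unquoted: used as a glob
    done < "$2"
    return 1
}

# senders_hit PATTERN_FILE < exim_main_log
# Prints each distinct sender of an accepted message ("<=" arrival lines)
# that the pattern file would reject.
senders_hit() {
    sed -n 's/.* <= \([^ ]*\) .*/\1/p' | LC_ALL=C sort -u | while IFS= read -r s; do
        if matches_deny "$s" "$1"; then printf '%s\n' "$s"; fi
    done
}

# demo: run the audit on constructed sample data (not real log entries)
demo() {
    list=$(mktemp); log=$(mktemp)
    printf '%s\n' '*@qq.com' '*.cn' 'spam@address.ja' > "$list"
    cat > "$log" <<'EOF'
2024-05-01 09:00:01 1aAAAA-000001-AA <= 12345@qq.com H=(qq.com) [192.0.2.10] P=esmtp S=2048
2024-05-01 09:05:12 1aAAAB-000002-BB <= Orders@supplier.example.cn H=mx.supplier.example.cn [192.0.2.20] P=esmtps S=5120
2024-05-01 09:07:30 1aAAAC-000003-CC <= alice@partner.example H=mail.partner.example [192.0.2.30] P=esmtps S=1024
2024-05-01 09:09:44 1aAAAD-000004-DD <= <> H=mail.partner.example [192.0.2.30] P=esmtps S=900
2024-05-01 09:10:02 1aAAAE-000005-EE => bob@example.org R=dnslookup T=remote_smtp
EOF
    senders_hit "$list" < "$log"
    rm -f "$list" "$log"
}

demo
```

On a live server the same check is `senders_hit /etc/deny_senders < /var/log/exim.log`; any address it prints belongs to a correspondent whose mail was delivered before and would be rejected after the change.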

This setup of Exim is valid for both web servers with cPanel and for those with VestaCP.

Passionate about technology, I enjoy writing on StealthSettings.com since 2006. I have a rich experience in operating systems: macOS, Windows, and Linux, as well as in programming languages and blogging platforms (WordPress) and for online stores (WooCommerce, Magento, PrestaShop).
