Recently we have noticed lot of spam emails from .ru or .cyou domain. In this article, I would like to discuss about how to block such emails from a specific TLD
First step is to copy the file /etc/cpanel_exim_system_filter to /usr/local/cpanel/etc/exim/sysfilter/options/
cp -pr /etc/cpanel_exim_system_filter /usr/local/cpanel/etc/exim/sysfilter/options/
Next step is to add the following rules to /usr/local/cpanel/etc/exim/sysfilter/options/cpanel_exim_system_filter
#For blocking all incoming and outgoing russian emails
if first_delivery
and ("$h_to:, $h_cc:" contains ".ru")
or ("$h_from:" contains ".ru")
then
seen finish
endif
Now we have created a rule to block all the emails from .ru domains and we need to add this rule to our exim configuration.
You can add it from your WHM => Exim Configuration Manager => Advanced editor
system_filter /usr/local/cpanel/etc/exim/sysfilter/options/cpanel_exim_system_filter
We are all set. All the emails from .ru domains will be rejected by the server now.