Autoresponders can cause unneccessary strain on WHM/cPanel admins and have them spend time on deleting unwanted emails.
A higher than usual rate of undeliverable email can be a sign of spam activity and there is already a mechanism in WHM/cPanel that locks mailing from accounts with more than average (admin defined) bounce rate. You may also have your own scripts parsing mail server logs and informing you about per account mail undeliverabilty statistics or regularily review WHM mailing statistics (takes more time).
With default setup, when an autoresponder is set and an email comes from a fake sender address you (sysadmin) are getting email in every single case of delivery problem and this may be problematic.
Let’s see the scenario for the article:
- Mail with fake sender is sent to a mailbox (‘YOURMBOX’) with autoresponder active.
- Mail server tries to send autoresponse but fails.
- Mailer daemon reports failure to YOURMBOX
- YOURMBOX sends autoresponder message to mailer daemon and it finally ends up into a live person mailbox (usuallay system administrator).
Now suppose you are the system administrator and do not want to receive the annoying autoreponder messages. One of possible solutions is to filter out (discard) these emails with Exim filter of the destination user (root in this case).
Here goes example .forward file (/root/.forward) that will be picked up by Exim and processed as Exim filter code.
# Exim filter
#logwrite "$tod_log $message_id $header_subject: $header_from: => $header_to:"
if error_message then finish endif
if $header_from: contains "email@example.com" and $header_to: contains "mailer-daemon" then
#if $header_from: contains "firstname.lastname@example.org" and not personal then
logwrite "$tod_log $message_id $header_subject: $header_from: => $header_to:"
# deliver any non-filtered message to sysadmin
For testing you may save an unwanted email source (that you prepared recipe for in the above filter) to a temporary folder say /tmp/meessage and run:
[~]# /usr/sbin/exim -v -bf .forward < /tmp/message
Sender taken from "From " line
Return-path taken from "Return-path:" header line
Return-path = email@example.com
Sender = -@local.server
Recipient = firstname.lastname@example.org
Testing Exim filter file ".forward"
Logwrite "2014-06-23 03:45:37 1Wyxsf-0004OV-Dz Subject "unwanted sender" <email@example.com> => Mail Delivery System <Mailer-Daemon@local.server>\n"
Condition is false: error_message
Sub-condition is true: $header_from: contains firstname.lastname@example.org
Sub-condition is true: not personal
Condition is true: $header_from: contains email@example.com and not personal
Filtering set up at least one significant delivery or other action.
No other deliveries will occur.
to see if the message is correctly processed and recognized as the one that should be discarded. Logfile will not be wriiten to when testing. Instead the Logwrite line is printed to terminal. As you can see the filter matched with ‘Seen finish‘ that discarded the message.
On Centos/cPanel system default /etc/aliases defines
# root: firstname.lastname@example.org <- DELETE OR COMMENT OUT THIS
so your undelivery notifications will go to root. Make sure you do not have root mapped to an other user or email in /etc/aliases. Remove the mapping if found. If root is mapped to an account or email in /etc/aliases then /root/.forward will not be processed at all.
With this simple filter we can get rid of messages generated by autoresponders and save time.