Autoresponders can cause unneccessary strain on WHM/cPanel admins and have them spend time on deleting unwanted emails.
A higher than usual rate of undeliverable email can be a sign of spam activity and there is already a mechanism in WHM/cPanel that locks mailing from accounts with more than average (admin defined) bounce rate. You may also have your own scripts parsing mail server logs and informing you about per account mail undeliverabilty statistics or regularily review WHM mailing statistics (takes more time).
With default setup, when an autoresponder is set and an email comes from a fake sender address you (sysadmin) are getting email in every single case of delivery problem and this may be problematic.
Let's see the scenario for the article:
- Mail with fake sender is sent to a mailbox ('YOURMBOX') with autoresponder active.
- Mail server tries to send autoresponse but fails.
- Mailer daemon reports failure to YOURMBOX
- YOURMBOX sends autoresponder message to mailer daemon and it finally ends up into a live person mailbox (usuallay system administrator).
Now suppose you are the system administrator and do not want to receive the annoying autoresponder messages. One of possible solutions is to filter out (discard) these emails with Exim filter of the destination user (root in this case).
Here goes example
.forward file (
/root/.forward) that will be picked up by Exim and processed as Exim filter code.
# Exim filter logfile $home/.forward.log #logwrite "$tod_log $message_id $header_subject: $header_from: => $header_to:" if error_message then finish endif if $header_from: contains "[email protected]" and $header_to: contains "mailer-daemon" then #if $header_from: contains "[email protected]" and not personal then logwrite "$tod_log $message_id $header_subject: $header_from: => $header_to:" seen finish endif # deliver any non-filtered message to sysadmin deliver support@yourcompany
For testing you may save an unwanted email source (that you prepared recipe for in the above filter) to a temporary file say
/tmp/message and run:
[~]# /usr/sbin/exim -v -bf .forward < /tmp/message Sender taken from "From " line Return-path taken from "Return-path:" header line Return-path = [email protected] Sender = [email protected] Recipient = [email protected] Testing Exim filter file ".forward" Logfile /root/.forward.log Logwrite "2014-06-23 03:45:37 1Wyxsf-0004OV-Dz Subject "unwanted sender" <[email protected]> => Mail Delivery System <[email protected]>\n" Condition is false: error_message Sub-condition is true: $header_from: contains [email protected] Sub-condition is true: not personal Condition is true: $header_from: contains [email protected] and not personal Seen finish Filtering set up at least one significant delivery or other action. No other deliveries will occur.
to see if the message is correctly processed and recognized as the one that should be discarded. Logfile will not be written to when testing. Instead the Logwrite line is printed to terminal. As you can see the filter matched with 'Seen finish' that discarded the message.
On Centos/cPanel system default
mailer-daemon: postmaster postmater: root # root: [email protected] <- DELETE OR COMMENT OUT THIS
so your undelivery notifications will go to root. Make sure you do not have root mapped to an other user or email in
/etc/aliases. Remove the mapping if found. If root is mapped to an account or email in
/root/.forward will not be processed at all.
With this simple filter we can get rid of messages generated by autoresponders and save time.
In newer versions of cpanel (Q3 2016) Exim has
localuser_root rule that will ignore mail destined for root with root cannot accept local mail deliveries. In such case you need to map root to an other (auxiliary) user in
/etc/aliases and move root's
.forward to this user home directory. Do not forget to update