Hey, I can't figure out a way to block mails from email addresses that end with .ru I can't use "From" & "Contains" ".ru" because someones name can be jakob.rusman for example. I've tried to use "From" & "Ends with" ".ru" and "ru", doesn't work, emails still come through. Any idea? And my Action: is set to "Delete".
Hey, thanks for the reply. this is for the whole server though. is there a way to block .ru on a specific user?
The per-user way to do this would be adding a spamfilter blacklist entry, but I don't think you can use that right now. The syntax for amavisd would be '@.ru' but you can't add that via the ui (probably needs a bug report filed); I don't think any syntax works for rspamd in the current form (adding an entry to settings), though you could manually configure a rule for it (probably start with the multimap module if you do, and watch for a future ispconfig version to manage mutlimap, so you don't loose your config). What you can do with current ispconfig is add a custom mail filter for the mailbox and discard these with sieve, using source Header, Matches Regex, 'Return-path: <.+?@(.+\\.)+\\.ru>'. That doesn't 'block' it in the 'reject in smtp' sense, but the mail won't end up in a user's mail folders.
Hey @Jesse Norell Thanks for the answer, this is not right, right? ### BEGIN FILTER_ID:121 if header :regex ["from"] ["Return-path: <.+?@(.+\\.)+\\.ru>"] { discard; stop; } ### END FILTER_ID:121 Doesnt seem to work, did i understand your answer right? I think my code is wrong
Correct, you are matching the From header for that full Return-path header format, which is wrong; change "Source" from "From" to "Header".
Thanks so much, i fixed it, but still emails from .ru come through? ### BEGIN FILTER_ID:126 if header :regex ["header"] ["Return-path: <.+?@(.+\\.)+\\.ru>"] { discard; stop; } ### END FILTER_ID:126
Im testing this snippet of code with 2 ".fi" ending domains. I have my main mail: ____.fi, i send a test mail to mail #2 (where the custom rule is applied) ### BEGIN FILTER_ID:126 if header :regex ["header"] ["Return-path: <.+?@(.+\\.)+\\.ru>"] { discard; stop; } ### END FILTER_ID:126 it still comes through, the return path header of the emails is normal, my main mail's email address ending with .fi
Have you tried with regular expression testers the expression does match the header string? Sites found with Internet Search Engines: https://www.regextester.com/ https://regexr.com/664kg
That should be: Return-Path: <.+@(.+)+\\.ru> Note when using these regex testers you must escape with a single slash, so your regex to test would be more like: <.+@(.+)+\.ru> Sieve escaping requires double-slashes, so just double all the backslashes once you have a working regex.
this regex thing doesnt seem to be correct, sorry im a big noob but what modifications i need to do to block @________.ru? @Jesse Norell @Taleman
See my last reply, both for the corrected regex to use as well as how to modify it if you want to use a regex tester.