cPanel and WHM Configuration for Spam Experts
Hosted Cloud
To restrict deliveries to your WHM server from our filtering nodes only when domains use the SpamExperts MX records please do the following:
- SSH to the WHM server
- Create a new file /opt/setest with the following content
- Save the file
- Create a new file: /opt/setestptr with the following content
- Save the file
- Chmod the file the following command:
- Open the Exim Configuration Editor and enable the Advanced Mode and search for 'custom_begin_recp_verify'
- Paste the following into the box provided
- Save the configuration and you're all set. This configuration does the following:
#!/bin/bash
host -t MX $1 | sort -n -k1 | cut -d ' ' -f 7 | sed -e 's/\.$//' | xargs | sed -e 's/ /:/g' | tr -d '\n'
#!/bin/bash
host -t PTR $1 | cut -d ' ' -f5 | sed 's/\.$//g' | tr -d '\n'
chmod +x /opt/setest && chmod +x /opt/setestptr
######################################################################################
## Start SpamExperts verification
defer
!condition = ${if match_domain{${run {/opt/setestptr $sender_host_address}}}{*.antispamcloud.com}}
set acl_m_mx_records = ${run {/opt/setest $domain}}
condition = ${if eq{$acl_m_mx_records}{mx.spamexperts.com:fallbackmx.spamexperts.eu:lastmx.spamexperts.net}}
message = Please deliver mail to the address specified in the MX records for this domain.
## End SpamExperts verification
######################################################################################
If the MX records of the domain are exactly set to those in the condition:
- Accept mails if they originate from the hosts with the PTR *.antispamcloud.com or localhost
- Reject direct deliveries not originating from the 'safe' hosts
If the domain does not have their MX records configured as in the Exim configuration, it is assumed that they are not behind the filter and direct deliveries are accepted (given it passes the default ACL settings).
Local Cloud
To restrict deliveries to your WHM server from your filtering nodes only when domains use the SpamExperts MX records please do the following:
- Create a delivery hostname in your DNS. using A records that point to each of your primary IPs.
- SSH to the WHM server
- Create a new file /opt/setest with the following content
- Save the file
- Create a new file: /opt/setestptr with the following content
- Save the file
- Chmod the file the following command:
- Open the Exim Configuration Editor and enable the Advanced Mode and search for 'custom_begin_recp_verify'
- Paste the following into the box provided
- Save the configuration and you're all set.
delivery.example.com > A > Primary IP node 1
delivery.example.com > A > Primary IP node 2
delivery.example.com > A > Primary IP node 2
Please note in this article uses 'example.com' as the root hostname for your nodes.
#!/bin/bash
host -t MX $1 | sort -n -k1 | cut -d ' ' -f 7 | sed -e 's/\.$//' | xargs | sed -e 's/ /:/g' | tr -d '\n'
#!/bin/bash
host -t PTR $1 | cut -d ' ' -f5 | sed 's/\.$//g' | tr -d '\n'
chmod +x /opt/setest && chmod +x /opt/setestptr
######################################################################################
## Start SpamExperts verification
defer
!condition = ${if match_domain{${run {/opt/setestptr $sender_host_address}}}{*.example.com}}
set acl_m_mx_records = ${run {/opt/setest $domain}}
condition = ${if eq{$acl_m_mx_records}{mx1.example.com:mx2.example.com:mx3.example.com}}
message = Please deliver mail to the address specified in the MX records for this domain.
## End SpamExperts verification
######################################################################################
If the MX records of the domain are exactly set to those in the condition:
- Accept mails if they originate from the hosts with the PTR *.example.com or localhost
- Reject direct deliveries not originating from the 'safe' hosts
If the domain does not have their MX records configured as in the Exim configuration, it is assumed that they are not behind the filter and direct deliveries are accepted (given it passes the default ACL settings).