Block mail to exact match

F

Fathi

Well-Known Member
May 13, 2016
125
3
58
52
Tunis, Tunisia
Hi, I would like to block email sent to m@mydomain.com. I have set up a what object with Filed match To m@mydomain.com but then all mail sent to emails ending with m@mydomain.com gets blocked.
I would like to block email sent to exact receiver email address. Tried different combinations, but still can't find the correct one.
Could someone help me please.
TIA
 
If you want to match on the To header (instead of the envelop-receiver) then try anchoring the regex: '^m@mydomain.com$'
see the reference documentation:
https://pmg.proxmox.com/pmg-docs/pmg-admin-guide.html#pmg_mailfilter_regex
and one of the many howtos on regular expressions on the internet...

However keep in mind that, if you match on the To header, mails which are sent to you in CC (or BCC) won't be matched by this rule
(consider using a Who Object, which matches on the envelope receiver)

I hope this helps!
 
  • Like
Reactions: Fathi
Did you find a solution? I'm having a similar problem and cannot get it to work.

I'm trying to block the exact recipient address "1@mydomain.com". I have a blacklist set up as a What Object (Match Field received=) and it works for all others that I block, but this one unfortunately allws mail no mater what I try.

The issue is that when I test the regex that I enter, it reports a match, but when mail comes in, it fails to match. I've tried these expressions with no luck:
^1@mydomain.com
^1@mydomain.com$
/^1@mydomain.com$/
^(1@mydomain.com)
^(1@mydomain.com$)

Any help would be appreciated.
 
mikem12 said:
(Match Field received=)
Click to expand...
Why do you match for the received headers (instead of say To)?
Why do you use a what field instead of an Who object (both can make sense - but the envelope-address is matched with a who object - which is also what is most likely in the received headers...

Finally - the received headers contain more text than just the address - so an anchored match will not be enough...
try: '.*1@mydomain.com.*'

I hope this helps!
 
I use the received headers because many spam To: address is an alias or group distribution list of some sort. The received headers reveal the actual user the mail was intended for. I use the received header check for all others and it works fine, likely because they are more unique. Unfortunately, 1@example.com matches too many addresses.

I tried the '.*1@mydomain.com.*' you suggested, but it failed to pass the "Test" button on the rule entry, indicating it did not produce a match.

Thank you
 
if you want to see the actual destination mailbox - quite often a Who Object - which matches the envelope receiver is a good choice

mikem12 said:
I tried the '.*1@mydomain.com.*' you suggested, but it failed to pass the "Test" button on the rule entry, indicating it did not produce a match.
Click to expand...
That does sound odd and I cannot reproduce that here ?
using '.*1@domain.com.*' and testing with '1@domain.com' yields a match (as is expected) - it would be even better to use '.*1@domain\.com.*' (to capture an actual '.' and not "any character")

What's your `pmgversion -v` output?
 
Just to clarify, using '.*1@domain.com.*' and testing with '1@domain.com' did yield a match. The problem is that it also matched 'xxx1@example.com' ... whereas I need it to match the exact string '1@domain.com' and nothing else.

pmgversion -v reports the following...

proxmox-mailgateway: 7.1-1 (API: 7.1-1/7d5cde4b, running kernel: 5.13.19-1-pve)
pmg-api: 7.1-1
pmg-gui: 3.1-1
pve-kernel-5.13: 7.1-4
pve-kernel-helper: 7.1-4
pve-kernel-5.13.19-1-pve: 5.13.19-3
clamav-daemon: 0.103.3+dfsg-0+deb11u1
ifupdown2: 3.1.0-1+pmx3
libarchive-perl: 3.4.0-1
libjs-extjs: 7.0.0-1
libjs-framework7: 4.4.7-1
libproxmox-acme-perl: 1.4.0
libproxmox-acme-plugins: 1.4.0
libpve-apiclient-perl: 3.2-1
libpve-common-perl: 7.0-14
libpve-http-server-perl: 4.0-4
libxdgmime-perl: 1.0-1
lvm2: 2.03.11-2.1
pmg-docs: 7.1-1
pmg-i18n: 2.6-2
pmg-log-tracker: 2.2.0-1
postgresql-13: 13.5-0+deb11u1
proxmox-mini-journalreader: 1.3-1
proxmox-spamassassin: 3.4.6-4
proxmox-widget-toolkit: 3.4-4
pve-firmware: 3.3-3
pve-xtermjs: 4.12.0-1
zfsutils-linux: 2.1.1-pve3
 
It turns out that simply using the literal string <1@example.com> matches... ie. including the <> brackets within the value section... and inbound mail to that specific address gets blocked.

While it works, I don't understand why I'm able to block any number of other recipient addresses with entries like this:
Match Field received=sally01@example.com
and they match exactly, but a simple 1@example.com matched anything that ended with a 1.

In addition, it seems the regex tester is broken. Using any number of the example expressions I mentioned earlier, ie:
Code: 
^1@mydomain.com
^1@mydomain.com$
/^1@mydomain.com$/
^(1@mydomain.com)
^(1@mydomain.com$)
would all pass the test and show a match for 1@example.com, but in every case, inbound mail to that address still passed.

Seems very odd to me.
 
You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!
Community platform by XenForo® © 2010-2024 XenForo Ltd.
Top Bottom
Back