How To: Accept Mail only from CASG servers [cPanel]

Hello,

Just wanted to post a quick how-to, which will allow you to setup your cPanel’s Exim configuration to only accept email that originates from the CASG servers.
This will help you fight spammers who are able to directly deliver the spam to your mailservers without being scanned first.

First create a file called /opt/casgtest and add the following

#!/bin/bash
host -t MX $1 | sort -n -k1 | cut -d ' '  -f 7 | sed -e 's/\.$//' | xargs | sed -e 's/ /:/g' | tr -d '\n'

then save the file, change it’s ownership to “mailnull” and add execute permissions.

chown mailnull:mailnull /opt/casgtest
chmod +x /opt/casgtest

Go to WHM and open the Exim Configuration Manager → Advanced Editor.

Search for “custom_begin_recp_verify” and add into the box:

###############################################
## Start CASG verification
deny
    !hosts = mxsrv1.spamgateway.comodo.com : mxsrv2.spamgateway.comodo.com : localhost
    set acl_m_mx_records = ${run {/opt/casgtest $domain}}
    condition   = ${if eq{$acl_m_mx_records}{mxsrv1.spamgateway.comodo.com:mxsrv2.spamgateway.comodo.com}}
    message = Please deliver mail to the address specified in the MX records for this domain.
## End CASG verification
###############################################

Save the configuration and you’re all set!

Here’s what this will do:
a) If a domain on your cPanel server is configured with the CASG MX records (mxsrv1.spamgateway.comodo.com & mxsrv2.spamgateway.comodo.com) Exim will only accept mail from the hosts listed in the “hosts” variable:
mxsrv1.spamgateway.comodo.com, mxsrv2.spamgateway.comodo.com or localhost
and reject all mail that’s not coming from those hosts.
b) Otherwise if a domain doesn’t have the CASG MX records setup, then it will be assumed that they are not behind the filter and direct mail delivery will be accepted.

Full disclosure: Above information was put together based on information found here

Interesting reading!

Do you know how to do it within a script? Some mail servers windows-based use filters that support scripting.
Any idea how could it be done? Take a look a this for example.

Hi w-e-v,

I’m afraid I don’t have any experience with Windows servers - I can’t help you out on that :frowning:

–George

Hi,

Very nice, thank you. We’ll pop that in the Admin guide.

Regards,
Michel.