• Our team is looking to connect with folks who use email services provided by Plesk, or a premium service. If you'd like to be part of the discovery process and share your experiences, we invite you to complete this short screening survey. If your responses match the persona we are looking for, you'll receive a link to schedule a call at your convenience. We look forward to hearing from you!
  • We are looking for U.S.-based freelancer or agency working with SEO or WordPress for a quick 30-min interviews to gather feedback on XOVI, a successful German SEO tool we’re looking to launch in the U.S.
    If you qualify and participate, you’ll receive a $30 Amazon gift card as a thank-you. Please apply here. Thanks for helping shape a better SEO product for agencies!
  • The BIND DNS server has already been deprecated and removed from Plesk for Windows.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS. We strongly recommend transitioning to Microsoft DNS within the next 6 weeks, before the Plesk 18.0.70 release.
  • The Horde component is removed from Plesk Installer. We recommend switching to another webmail software supported in Plesk.

Resolved Want to blacklist spam from a specific user name but have wildcards in the domain. Possible?

D

David Borrink

Basic Pleskian
Server operating system version
CentOS 7.9
Plesk version and microupdate number
Plesk Obsidian 18.0.55 Update #2, last updated on Sept 28, 2023 03:36 AM
I am getting dozen of emails every day to my and my wife's email from the same source. They all have "Alex" as the name of the sender, but the email address changes constantly, though the domain always ends in .ru. I'd like to know if it's possible to set up a email block rule that would be something like this: all emails with a sender of "Alex" and any wildcard domain that ends with ".ru".
 
Hello David,



I can think a fast and effective method if you’re using round cube, (it’s not needed to use the webmail, just add the filter once). Open Round cube > use your login details, > Settings > Filters > add new, and there you can customize depending your needs.



Other way, I’m thinking is via spam filter.

But there you’re limited with wildcard which can cause you blocking emails that you might need to receive. Also, Round cube, can set to match all your rules.
 
Jokers said:
I can think a fast and effective method if you’re using round cube, (it’s not needed to use the webmail, just add the filter once). Open Round cube > use your login details, > Settings > Filters > add new, and there you can customize depending your needs.
Click to expand...
That's actually a good and (some what) easy solution. Thanks for sharing.
 
I can think a fast and effective method if you’re using round cube, (it’s not needed to use the webmail, just add the filter once). Open Round cube > use your login details, > Settings > Filters > add new, and there you can customize depending your needs.
Click to expand...

Okay, that seems to work. I "trapped" six of 'em last night using that method. Nice. Thanks for the tip!
 
And I caught 11 more today. It's doing exactly what I ask. All the "Alex" emails are nailed in my "deleted items" folder on Roundcube. I can collect and discard once in a while. At least it keeps them out of my main mail app on my desktop.
 
Is there information on how you did this exactly. I'm looking in Roundcube, and can't get the create filter to operate. It's greyed out.
Also is it possible to do this on all accounts on a domain, without doing it one at a time?
 
I don't want to do this just on one email, but server wide and add domain wildcards? I know why it was greyed out because it wasn't selected, but I've created a Filter now however, it is only for the one email account? Anyone got any knowledge on this? Thanks
 
I couldn't delete the last post as it was over the 4 min limit. (any other way to remove a post)
Anyway I wanted to share what I've done and ask anyone whether the wildcard "?" in the domain name would work in this filter.
1718969455244.png

Also, is there a limit to how many more From-Contains could I add to the filter. (I know I would have to change "all of the following" to any of them.
 
Robert Alexander said:
I don't want to do this just on one email, but server wide and add domain wildcards? I know why it was greyed out because it wasn't selected, but I've created a Filter now however, it is only for the one email account? Anyone got any knowledge on this? Thanks
Click to expand...
If you like to block emails from certain senders on server level you can do so via the Spam Filter Black/Block list (Tools & Settings > Spam Filter).

Robert Alexander said:
Anyway I wanted to share what I've done and ask anyone whether the wildcard "?" in the domain name would work in this filter.
Click to expand...
Wildcards can't be used when using the contains comparator. You can use matches expression instead, which allows you to use ? as a wildcard to match a single character or * as a wildcard to match zero or more characters.

Robert Alexander said:
Also, is there a limit to how many more From-Contains could I add to the filter. (I know I would have to change "all of the following" to any of them.
Click to expand...
There is no hard limit. But if you're going to add hundreds of rules it might impact your server performance a little.
 
Thanks Kaspar
Those answers are very helpful.
I've been trying that on a couple of email domains. An example today is shown below. There are usually a few regular culprits so I'm hoping to nip these in the bud. I understand if there are too many, how it may impact. I will be looking eventually to use a 3rd party service, but keeping costs low for now as I'm not getting revenues till a Soft-Launch of my SaaS Platform after September. We're unusual in that as a business, we're donating money to local people in local communities from day one, and providing transparency as it happens. Lots of challenges ahead. :)
1719310833872.png
 
Robert Alexander said:
It remains now to be seen, whether these wildcards work. Time will tell.
Click to expand...
Based on the screen shot from your previous post I can tell with a great degree of certainty that the rules won't be effective. Because as I mentioned on my previous post:
Kaspar@Plesk said:
Wildcards can't be used when using the contains comparator. You can use matches expression instead, which allows you to use ? as a wildcard to match a single character or * as a wildcard to match zero or more characters.
Click to expand...

You'll have to replace the contains comparator for matches expression.
 
Sorry Kaspar. So that I understand can I ask then if for the first one I show, what would be the correct parameters as wheat-*.asia has quite a number of servers that send spam. The numbers can have 3 digits. Am I supposed to use wheat-???.asia for example?
 
On your rules, change contains option, highlighted in the red box on the image below, to matches expression. (And do that for all your rules on which you use a wildcard).

1719310833872.png
 
Thanks. So you can see what I've done in this example now and I want to check my understanding of ? being used as a wildcard as explained in my last response. See the Red Highlight. I explained that there are usually 3 numbers which are different domains, where I've typed ??? from this domain.
1719516286701.png
 
A question mark wil be used a wildcard that matches any other character (including digits). So using three question marks will match three characters. But beware that each question mark covers exactly one character. So if the domain your trying to block has two digits instead of three your rule won't work.
 
Thanks for that. Yes this particular domain uses 3 digits, but your point is noted. I do hope this thread helps others who are considering Wildcards in Spam Filters.
 
1719913064020.png
Here we can now see that the wildcard of ??? used in the way I previously illustrated doesn't work.
Now it may not be a perfect system, but today I received a spam from the url I tried to block, as you can see.
I'm recording it to help anyone else trying this, and to get the input of people like Kaspar who may have further comments or suggestions.
I'm thinking that we can't overcome Spoofing. The oversea08 email is the one that's being used, but the reality is that it came via the .asia route.
Thanks
 
Robert Alexander said:
View attachment 26521
Here we can now see that the wildcard of ??? used in the way I previously illustrated doesn't work.
Now it may not be a perfect system, but today I received a spam from the url I tried to block, as you can see.
I'm recording it to help anyone else trying this, and to get the input of people like Kaspar who may have further comments or suggestions.
I'm thinking that we can't overcome Spoofing. The oversea08 email is the one that's being used, but the reality is that it came via the .asia route.
Thanks
Click to expand...
Are you sure that market@wheat-004.asia is in the From: header and not Sender:? Please post the message headers.
 
You must log in or register to reply here.

Similar threads

carlsson
Question Is it possible to create a manual spam filter?
Replies
2
Views
444
carlsson
carlsson
C
Question Analysing Sender IP in Mail Headers
Replies
0
Views
2K
Change Maker
C
D
Resolved How to Blacklist emails from address that does not end with .com
Replies
8
Views
5K
YperLine
Y
L
Issue Spam-/Mailproblems
Replies
1
Views
1K
Peter Debik
P
finbarr69
Question Plesk Email Security - block emails for reply-to of a different domain from sender
Replies
2
Views
2K
finbarr69
finbarr69
Back
Top