cPanel & WHM Version 92 has been released, and brings a slew of great updates. Take a look at what is included, and then upgrade today!

option to prevent forwarders to free email accounts

Jason Stidham shared this idea 6 years ago
Open Discussion

It would be nice to have an option to prevent users from adding forwarders to free email accounts (Ex: hotmail, yahoo.com, gmail.com)

Best Answer
photo

While this does not mean that the feature request will not be considered, I do want to point out that this functionality is presently able to be leveraged through Custom Event Hooks.


https://documentation.cpanel.net/display/SDK/Custom+Event+Handlers


You would be able to write a custom event handler for "Email::addforward" that errors and refuses to add forwarders that match certain text.


This does, of course, require some basic programming knowledge.

Comments (14)

photo
1

While this does not mean that the feature request will not be considered, I do want to point out that this functionality is presently able to be leveraged through Custom Event Hooks.


https://documentation.cpanel.net/display/SDK/Custom+Event+Handlers


You would be able to write a custom event handler for "Email::addforward" that errors and refuses to add forwarders that match certain text.


This does, of course, require some basic programming knowledge.

photo
1

As far as I am aware this isn't even possible with some custom coding since Custom Event Handlers are now deprecated.

You can get a hook to process the data but there doesn't look to be any way to stop the forwarder from being created.

This is a must needed feature as clients forwarding junk mail to free mail providers is hammering the reputation of server IP addresses.

As others have mentioned, this could be implemented in "Tweak Settings" and could either have the option to disable the creation of forwarders to all external domains or disable based on a list of user-editable domains.

photo
photo
2

I remember reading that forwards to AOL accounts trigger a spam block. I don't know the details and if it is still valid, but if it is then a list of no-forward domains that can be edited would be great. Anybody knows anything about the current AOL handling?

Personally I do need forwards to gmail since for one reason or another some of our clients prefer that over our webmail options.

photo
1

Mark Krieger wrote:

I remember reading that forwards to AOL accounts trigger a spam block.

The big freemailer (No problems with Gmail) Aol, Outlook and Yahoo trigger a block for everything. The forwarding of email is still mentioned. The bigger provider use a different way. They use dedicated SMTP for forwarding stuff.

photo
1

I used to have a CustomEventHandler that worked brilliantly, but cPanel's choice to deprecate CustomEventHandler ruined it. (I don't recall cPanel even announcing the deprecation -- you just did it.)


photo
2

I think that this should be re-considered as "Prevent mail forwarding to remote servers", an option as such on Tweak Settings should force the user to only add forwarders pointing from and to domains that he own on that account, avoiding that the incoming spam emails could generate outgoing spam due to redirections not being catched by SpamAssassin.


Most email services include an option for POP3 importing which should be used instead of a remote forwarder.

photo
2

I think the reasons this needs to be somethingi built into cPanel rather than something you have to use custom event hooks for are 1) so folks don’t have to write code to avail themselves of something like this, and 2) cPanel did away with the older mechanism we were using and our code was suddenly useless.

I’d like to see a very robust set of options such as:

1. Full forwarding (as it exists now).


2. List of external domains to which forwarding IS NOT allowed. (Would satisfy those who want to disable forwarding to free email providers, internal forwarding unrestricted)


3. List of external domains to which forwarding IS allowed (i.e. ONLY those external domains will be allowed, internal forwarding unrestricted)


4. Option to disallow ALL external forwarding while allowing internal forwarding to any domain on the same server or same cPanel account (either would be okay by me, and this is the option we’d love to have.)


5. Optionally: No forwarding allowed at all (this can be done via feature list removal but it could legitimately be a forwarding option so that someone who changs from 1-4 to 5 could have the option to trigger a cleanup that would remove all existing forwarders.)

photo
2

This would be great, perhaps the main topic text can be replaced with this one

Basically what you just said would imply:

- blacklist switch: some domains / all remote domains

- whitelist switch: some domains / all remote domains

The last one being the closest to the current behaviour

I would personally completely remove external domains and only allow forwarding within emails/groups/aliases created on the same account, but I guess that the people still using hotmail.com are not the geekiest of them all, so it's nice to have the option to re-enable the forwarders.

photo
1

I agree with William Leaver and Silent Ninja but it should be on domain basis

photo
photo
2

How is this not a more requested feature? Forwarding to hotmail/gmail is a killer for IP reputation.

photo
2

This should be done asap.. as customers doesn't understand that if they get spam in the inbox.. is forwarded to gmail/hotmail/whatever causing the server ip been rejected for normal uses.

photo
1

This feature is essential IMO. Blindly forwarding all e-mails to external free domains is just bad for IP reputation and spam control in general.

photo
1

As we all know IP reputation has a huge impact on outgoing email delivery and I agree that this feature should be included ASAP.

photo
1

This is essential feature for shared hosting. ISPs like Microsoft network have very strict policy and it causes IP blacklisting issue due to forwarding issue. It would be great if you add this feature as soon as possible.

photo
1

The only option offer from cPanel is disable at features the forward manager option. But the clients need this function. The real request since a lot years ago is the option to disable forwards to free email services like Hotmail, Gmail, Yahoo, etc. like the old and extinct Custom Event Handler. ISPs is blocking IP form this forwarding issue.

photo
3

I wrote up a hook that handles this. I could be easily adjust to filter on specific domains. But it currently just denies creating a forward to an external domain.

https://gist.github.com/gmariani/70359dd09c702111979835e52f980366

photo
1

Excellent work coursevector. Is it possible to add a blacklist of domains that it cannot sent to? Currently it works very well however some clients have addon domains and forward from one to the other on the same account. This stops those forwarders as the domain doesn't match. Being able to blacklist domains from being added as a forward would be amazing.

photo
1

You would just modify the logic on lines 148-149. If you added a blacklist in there, you could specify what is allowed and what isn't. Another option would be to verify if the domain is on the server and allow it. I didn't go this route because if a cpanel account was transferred to another server, the forward would remain and possibly no longer be allowed. The only way around that would be to add an Exim filter.

photo
1

How would you suggest the logic goes to add a blacklist of domains? This would be a great help if you can advise.

photo
3

Thanks for the hook, coursevector, it was very useful for us!

@Birchey - we made the following modifications which work fine for us:

Comment out these lines:

// Return a boolean if the domain matches
$result = ($domain === $email_to_domain) ? 1 : 0;
$message = 0 === $result ? "Forwarding to external domains not allowed, {$domain} is not equal to {$email_to_domain}." : '';

Replace with something like this:


// Populate list of bad domain names
$baddomains = array(
'hotmail.com',
'outlook.com',
'live.com',
'googlemail.com',
'gmail.com',
'yahoo.com'
);
if (in_array($email_to_domain, $baddomains)) {
     $result = 0;
     $message = "Forwarding to {$email_to_domain} is not allowed.";
}
else {
     $result = 1;
     $message = '';
}

photo
1

Hi Jules thanks for that, it works perfectly. Again a big thank you to coursevector as well. Its amazing that this doesn't exist in cPanel as standard.

photo
photo
1

Hello, when I try to add hook show error. How to make it work?


Regards to all.


/usr/local/cpanel/bin/manage_hooks add script /usr/local/src/coursevector/disable_email_forward_hook.php

Hook failed to return proper JSON data

WARNING: No "describe" pattern found in script. It is HIGHLY recommended to pass the "--manual" when providing hook descriptors on the command line.

The "add" management action requires that a module or script name is specified example:

bin/manage_hooks add module My::Module


Options can also be manually specified using the following params --category, --event and --stage are defined, example:

bin/manage_hooks add script /var/MyApp/hooks/something.pl --category=Whostmgr --event=Accounts::Create --stage=pre

photo
1

It sounds like you either didn't properly install the file or didn't copy all the contents of the file correctly. It's missing the describe function which is in the file and would return the proper JSON it's looking for.

photo