Spamassassin blacklisting

In HestiaCP, under Configure Server: SPAMASSASSIN, I edited the SpamAssassin config file /etc/spamassassin/local.cf

#   the opposite; blacklisted mails can also save CPU
#
shortcircuit USER_IN_BLACKLIST       on      # (I removed the '#')
# shortcircuit USER_IN_BLACKLIST_TO    on
# shortcircuit SUBJECT_IN_BLACKLIST    on

blacklist_from *@birdieapps.com              # (I added this line)

Yet my test message From [email protected] was delivered :frowning:

Am I doing something wrong?

Use Exim to block specified TLDs, domains or email addresses with custom blacklists. Have a look here:


Thanks. Giving it a whirl…

I’ve added

/etc/exim4/customglobaltldblacklist
/etc/exim4/customglobaldomainblacklist

and

/etc/exim4/customglobalemailblacklist

(2 are empty)

but there are pre-existing empty files
/etc/exim4/spam-blocks.conf and
/etc/exim4/white-blocks.conf
about which I find very little info (so I guess 2 more empty files in that dir are OK), as if this is an underdeveloped feature.

Major Issue — SMTP Relay and Domain Spoofing:

Spam emails are coming through legitimate external SMTP relays (e.g., Gmail, other cloud services).

In these cases, the envelope sender (MAIL FROM) is the SMTP relay service’s address (e.g., [email protected]), which is not on the blacklist.

However, in the From: header, the blocked spam domain appears (e.g., [email protected]).

The blacklist rule in Exim does NOT block the email because it only checks the envelope sender, not the From header or other fields.

As a result, spam passes through the filter, even though the domain is theoretically blocked.
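
The gap described in the post above, as an added example (not code from any poster, Exim or HestiaCP): a Python check that applies one domain blocklist to both the envelope sender and the From: header. The domains, the sample message, the function names and the subdomain matching are assumptions made for illustration.

```python
from email import message_from_string
from email.utils import getaddresses, parseaddr

# Constructed sample data: placeholder domains, not taken from the thread.
BLOCKED_DOMAINS = {"blocked.example"}
SAMPLE_ENVELOPE_SENDER = "bounce-123@relay.example"   # SMTP MAIL FROM
SAMPLE_MESSAGE = """\
Return-Path: <bounce-123@relay.example>
From: "Special Offer" <promo@blocked.example>
To: user@mydomain.example
Subject: test

body
"""

def domain_of(address):
    """Lower-cased domain part of an address, or '' (e.g. null sender <>)."""
    addr = parseaddr(address)[1]
    return addr.rpartition("@")[2].lower() if "@" in addr else ""

def is_blocked(domain, blocked=BLOCKED_DOMAINS):
    """True for a listed domain or a subdomain of one (assumption of this example)."""
    return any(domain == b or domain.endswith("." + b) for b in blocked)

def check(envelope_sender, raw_message, blocked=BLOCKED_DOMAINS):
    """Report separately whether the envelope sender and the From: header hit the list."""
    msg = message_from_string(raw_message)
    # A From: header may carry several addresses; test every one of them.
    header_domains = {
        addr.rpartition("@")[2].lower()
        for _, addr in getaddresses(msg.get_all("From", []))
        if "@" in addr
    }
    return {
        "envelope": is_blocked(domain_of(envelope_sender), blocked),
        "header_from": any(is_blocked(d, blocked) for d in header_domains),
    }

if __name__ == "__main__":
    # An envelope-only filter sees "envelope": False and accepts the message.
    print(check(SAMPLE_ENVELOPE_SENDER, SAMPLE_MESSAGE))
```

A filter that acts only on the `envelope` result accepts this message; the blocked domain is visible only once the message headers have been received and parsed.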