However, I wish to block mails (= do not forward) to the new email address on 2 conditions:
if the sender name contain certain ‘banned’ words
if the sender domain is not using a common domain extension (allowed = .com, .net, … and not allowed is all others (such as .click, .loan, …)
However, could my worker code be incorrect…?
I do not receive any forwarded email at all. When I test myself with a [email protected] email address (=> containing no ‘banned’ words in the sender name + .com is allowed), the mai is bounced with the reason:
mx . cloudflare . net
Remote server returned '555 5.7.1 Domain extension not allowed.
Here is my code:
export default {
async email(message, env, ctx) {
// blocked words in sender name
let block = ["X", "Y", "Z"]; // spam words as array
//allowed domain extension (TLD)
let allowedExtension = ["com", "be", "info", "net", "nl", "org", "sg"];
if (allowedExtension.indexOf(message.SenderDomainIs) == -1) {
message.setReject("Domain extension not allowed");
} else {
if (block.some(word => message.headers.get("from").includes(word))) {
message.setReject("Includes word from blacklist)");
} else {
await message.forward("MY MAIL");
}
}
}
}
Where are you getting message.SenderDomainIs from? This will be undefined and never be allowed. The message is defined as an EmailEvent with the following properties:
Ah sorry, I didn’t mean for you to add it to your code. I was just showing you the types in the message object. Looks like your Worker is Javascript anyway not Typescript, but if you did want the types, get them from @cloudflare/workers-types - npm and reference EmailEvent from that instead.
I think something like that would be fine, just make sure you are using message.from and not message.headers.get("from"), at least for the endsWith. message.from is envelope, and message.headers.get is header from, which have different formats and characteristics: Difference between envelope and header from
just make sure you are using message.from and not message.headers.get("from") , at least for the endsWith. message.from
I changed from this: !from.endsWith(".com")
to this: !message.from.endsWith(".com")
The Worker is now blocking all traffic with the reason: Domain extension now allowed.
I checked Activity Log for this worker, and it blocked a .com (which it should allow, or at least if it also adheres to the spam words list).
I am mostly trying my best with the programming over here, if you could directly adapt the code to help to try get it to work, that would be very great.
I think something like that would be fine, just make sure you are using message.from and not message.headers.get("from") , at least for the endsWith. message.from is envelope, and message.headers.get is header from, which have different formats and characteristics
Just for clarification, I think this is the first time I’ve seen this format for getting the header vs the envelope. Would that give me access to filtering based on the reply-to field? (e.g. if I were to use message.headers.get("reply-to") ?)
Realistically, when I blocklist a domain, I want to blocklist any email that mentions that domain at all. I’m getting tons of spam that is “from” gmail addresses, but reply-to addresses that would otherwise trigger my blocklist. I’d also love to be able to blocklist emails that have blocklisted domains listed in the text of the email too, but maybe that’s seperate.