cPanel: move/delete incoming mail with .zip attachment


New Member

Can anyone please help with a working cPanel filter or regex to move &or delete all incoming email with zip attachments?

I've tried & tried with the filters but without luck & the volume of zipped malware is just so wearing me down...

Thanks all.




Verified Provider
This is definitely an inappropriate way to handle it; but I personally don't use cPanel so I can't give you any advice there:

iptables -A INPUT -p tcp --sport 25 -m string --algo bm --string ".zip" -j TARPIT 

String matches are inefficient but it shouldn't be a huge problem for mail. TARPIT might not exist on your system but you can replace it with DROP if you don't want to get/use TARPIT. 

Inappropriate a solution as it may be the idea of bogging down a spammers system is a nice one
Last edited by a moderator:


New Member
Many thanks for your reply, however, the account in question is an end-user one & so has no access to iptables directly.

Added to my library though... :)