So your server is bombarded by spammer, and you really want to block them at the server side instead of per domain. Here is what I did, and it works for me. If you read this and it worked for you, or used this solution but tweaked it, please comment. Thank you !
Go to WHM / Service configuration / Exim Configuration Manager / Advanced Editor
Scroll down to the big blue button “Add additional configuration settings”.
In BOX1, enter: domainlist exim_blacklist
In BOX2, enter: lsearch;/etc/exim_blacklist
Then scroll down the page and look for “Section: ROUTERSTART“.
In the box below it, enter the following:
# Inserted to block domains access
# Local from blacklist: /etc/exim_blacklist
driver = redirect
# RBL Blacklist incoming hosts
domains = +exim_blacklist
data = :fail: Connection rejected: $domain is manually blacklisted.
You do need to restart exim after this, but do NOT need to restart exim anytime you update your /etc/exim_blacklist file
And here is the result:
root@zeus:~> telnet localhost 25
Connected to localhost.
Escape character is ‘^]’.
220-zeus.thefrenchguy.net ESMTP Exim 42.00 #2 Mon, 1 Jan 2000 11:23:46 -0400
220-We do not authorize the use of this system to transport unsolicited,
220 and/or bulk e-mail.
mail from: firstname.lastname@example.org
rcpt to: email@example.com
550-Verification failed for <firstname.lastname@example.org>
550-Connection rejected: test.com is manually blacklisted.
This is working for cpanel 11.52