Outgoing spam - smtp tweak?

[headout]

Hi,

we have seen this week multiple spamruns from a server. With suPHP, we tracked the offending account immediately. We've setup Clamav, limited the " The maximum each domain can send out per hour (0 is unlimited)" on 100 emails. Despite these actions, we got CBL and spamcop listed.

I've searched on this forum, and saw the advice to enable "smtp tweak". But I cannot find it:
WHM >> security >> security center >> ?
WHM >> tweak settings >> ?
cPanel 11.24.5-R37946 - WHM 11.24.2 - X 3.9 FREEBSD
Where can find this option? Otherwise we have to start setting up IPFW to limit outgoing email, which is horrible I think for this usage.

Anyone who can tell me where to find the smtp tweak setting?

Ron

[Infopro]

WHM >> security >> security center >> ?

Scroll to the bottom of the page, 2nd from bottom.

This may help as well. ConfigServer Security & Firewall

(But then you wouldn't need the SMTP Tweak.)

[headout]

Scroll to the bottom of the page, 2nd from bottom

Nope, it isn't there:

Security Center

Password Strength Configuration

This area allows you to change the minimum required password strength for each area of cPanel/WHM that accepts a password.

cPHulk Brute Force Protection

cPHulk Brute Force Protection prevents malicious forces from trying to access your server's services by guessing the login password for that service.

Host Access Control (block IP access)

Host Access Control allows you to allow or deny access to your server or specific services based on the IP address of the incoming request.

SSH Password Auth Tweak

The SSH Password Auth Tweak allows you to enable or disable password authentication for SSH. This can be used along with SSH keys to add extra security.

PHP open_basedir Tweak

PHP's open_basedir protection prevents users from opening files outside of their home directory with PHP.

Apache mod_userdir Tweak

The mod_userdir tweak enables/disables the ability to view sites on your server by typing http://servers.host.name/~username.

Compilers Tweak

This tweak will disable the system's C and C++ compilers for unprivileged. Many common exploits require a working C compiler on the system. You can also choose to allow some users to use the compilers while they remain disabled by default.

Traceroute Tweak

This tweak will disable the system's traceroute utility. Traceroute displays the packet routing statistics from the server to another network host. It can be used to map the network's topology and subsequently be used as a tool to focus a hacking attack.

Shell Fork Bomb Protection

Shell Fork bomb Protection will prevent users with terminal access (ssh/telnet) from using up the server's resources and possibly crashing the server.

CSF won't work on a FreeBSD system, because of the use of IPtables.

What i'm thinking of: the "smtp tweak" is a non-FreeBSD option?

[Infopro]

Ah, could be. No personal knowledge of this, but I'm sure someone who has will reply to sort us out.

[Spiral]

Even though it is on the "supported list", FreeBSD is not really the best choice for running a Cpanel system primarily because of items such as this.

Now regarding your getting listed in the blacklist RBLs, it is possible that you got listed for spam email messages that were sent out **PRIOR** to you make any system changes or limited the mail sending.

Even after you fix the problem and stop the spam sending, you might get listed because someone who received the message doesn't report your server until a few days later whenever they got around to checking their mailbox. By that time, you may have already stopped the spam but still get reported because of what had already been sent out earlier. Unfortunately, that happens!

Another possibility is your mail queue may still have spam messages waiting to send that are already beyond the control of the account or offending script and those queued outbound messages could also get you listed.

Now regarding iptables under FreeBSD, I have seen a number of translating scripts that accept iptable commands and send them over to FreeBSD's packet filter (pf). You might want to look into one of those.

[cpanelkenneth]

What i'm thinking of: the "smtp tweak" is a non-FreeBSD option?

The SMTP Tweak modifies the IPTables rules. We don't have an equivalent for the FreeBSD firewall.

[headout]

@cpanelkenneth: Thanks for clearing that out.

@Spiral: thanks for your kind answer. We removed the existing email in the queue directly.