Auto-limiting outgoing email via localhost/PHP

brianoz

Well-Known Member
Mar 13, 2004
1,146
6
168
Melbourne, Australia
cPanel Access Level
Root Administrator
Does anyone have any ideas on how to limit email via localhost? This is about preventing spam from new signups; I want to prevent new users from sending outgoing spam email via localhost and one simple way of doing that seems to me would be rate-limiting new users' outgoing email when it is sent via localhost. Email sent via PHP script or similar would always come from localhost, whereas real email sent from a mail client such as Outlook would always come in from an external source. Very few customers are going to want to send much outgoing email via localhost anyway, as far as I can see.

What I'd like to do is limit new customers to say 20 emails a day from localhost. If they exceed that threshold I'd like to keep a copy of their localhost email for inspection - that way I can tell easily whether they're a spammer or not.

Has anyone implemented something like this? I'm just thinking this shouldn't be that hard to implement and it would let me sleep like a babe in arms, knowing that auto-signup wouldn't bite me in the bum... I know very little about Exim though, mainly having been a qmail and sendmail boy.

Anyone got any ideas on how I could attack this?

Thanks,

Brian
 

joecool1001

Member
Jun 20, 2005
8
0
151
brianoz said:
Does anyone have any ideas on how to limit email via localhost? This is about preventing spam from new signups; I want to prevent new users from sending outgoing spam email via localhost and one simple way of doing that seems to me would be rate-limiting new users' outgoing email when it is sent via localhost. Email sent via PHP script or similar would always come from localhost, whereas real email sent from a mail client such as Outlook would always come in from an external source. Very few customers are going to want to send much outgoing email via localhost anyway, as far as I can see.

What I'd like to do is limit new customers to say 20 emails a day from localhost. If they exceed that threshold I'd like to keep a copy of their localhost email for inspection - that way I can tell easily whether they're a spammer or not.

Has anyone implemented something like this? I'm just thinking this shouldn't be that hard to implement and it would let me sleep like a babe in arms, knowing that auto-signup wouldn't bite me in the bum... I know very little about Exim though, mainly having been a qmail and sendmail boy.

Anyone got any ideas on how I could attack this?

Thanks,

Brian
This is a must. Phishing is out of control. Something needs to be done. Is there a way to limit the amount of emails sent through sendmail and smtp on an hourly basis?
 

AndyReed

Well-Known Member
PartnerNOC
May 29, 2004
2,221
4
193
Minneapolis, MN
Login to WHM >> Tweak Settings >> The maximum each domain can send out per hour (0 is unlimited)
 

chirpy

Well-Known Member
Verifed Vendor
Jun 15, 2002
13,460
22
463
Go on, have a guess
Yes, there is. It's only a must if you're unlucky/don't properly vet your customers before allowing them on your server.

You can limit emails on an hourly basis for all domains with the emails per hour setting in WHM > Tweak Settings. Or you can do it on a per domain basis, if you want to do it for new domains only, by following the procedure in my post here:
http://forums.cpanel.net/showpost.php?p=171701&postcount=11
 

brianoz

Well-Known Member
Mar 13, 2004
1,146
6
168
Melbourne, Australia
cPanel Access Level
Root Administrator
I use the WHM limit to keep the limit down for all domains and only specifically enable those domains that ask for it. We have less than 1% of our users interested in sending out large numbers of emails, and I like leaving it disabled permanently so as to make it harder for spammers.

Of course, the other way around works well too, so long as you lift the restrictions on new users automatically, or remember to do it!
 

ilbin

Member
Apr 12, 2004
14
0
151
nobody mail seems to be exempt

I have the /var/cpanel/maxemails feature in place, and it works for user domains, but it doesn't seem to place any limit on the [email protected] mail that goes out.

After noticing that, I limited the nobody mail to 500/hr and that still had no effect. The default in Tweak Settings is 250.

Does anyone know of a separate setting for this? I've looked everywhere I know.

Thanks!
 

ilbin

Member
Apr 12, 2004
14
0
151
nevermind

Nevermind - I found the other discussion - should have looked a little deeper.
 

danimal

Well-Known Member
Jul 14, 2003
79
0
156
url?

ilbin,

Can you post the link to the other discussion you were referring to? I'm still looking, although my needs are slightly different, but I need to understand php and mail sending and limits.

Thanks!

-Danimal :cool: