Configuration file for SMTP Tweak

ozark

Member
Sep 14, 2004
10
0
151
I understand that with '/scripts/smtpmailgidonly on' I can block outgoing smtp connection for anyone but
root, cpanel, mail and mailman.

The script seems to read a configuration file at '/var/cpanel/smtpmailgidonly/conf.yaml'.

What do I need to write into that conf.yaml file
(1) to add another user that would not be blocked?
(2) to add another port that would be blocked.

Please provide an example.
 

quizknows

Well-Known Member
Oct 20, 2009
1,008
87
78
cPanel Access Level
DataCenter Provider
I don't see anything in that conf on my server with SMTP tweak on.

I've had to occasionally add trusted users for this type of setup, but I do so with SMTP_BLOCK in CSF in place of SMTP Tweak. This is because the csf.conf is easily customizeable to whitelist other users for SMTP connections.
 

ozark

Member
Sep 14, 2004
10
0
151
Thanks for the reply.

Switching to CSF might be a solution if all else fails.

I am using APF for years and the SMTP Tweak works great with it.

The code of '/scripts/smtpmailgidonly on' which turns the SMTP Tweak on reads a cofiguration file at
'/var/cpanel/smtpmailgidonly/conf.yaml' where you can add users and port.

All I need is the correct syntax for entries in that file.
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,913
2,203
363
Hello :)

The entry you are referring to in /scripts/smtpmailgidonly is:

Code:
# for future expension
if ( -e '/var/cpanel/smtpmailgidonly/conf.yaml' ) {
    print "Loaded custom smtpmailgidonly/conf.yaml\n";
    require Cpanel::CPAN::YAML::Syck;
    my $cfg = YAML::Syck::LoadFile('/var/cpanel/smtpmailgidonly/conf.yaml');
    push @PORTS, @{ $cfg->{'PORTS'} } if exists $cfg->{'PORTS'};
    push @RULES, @{ $cfg->{'RULES'} } if exists $cfg->{'RULES'};
}
I will leave this thread open for others to add input, but I have not been able to find any templates for you to use with this file, or documentation that supports it's use. It's likely that using CSF will be the easier route here.

Thank you.
 

cPanelKenneth

cPanel Development
Staff member
Apr 7, 2006
4,608
77
308
cPanel Access Level
Root Administrator
/var/cpanel/smtpmailgidonly/conf.yaml was added for a feature that was never completed.
 

ozark

Member
Sep 14, 2004
10
0
151
Thank you very much for your answers.

I went ahead and removed APF firewall and installed CSF/LFD, with which it is indeed quite easy to allow additional users to make direct smtp connections.
 

JerryJ.

Member
May 13, 2013
14
0
1
cPanel Access Level
Root Administrator
Howdy,

During the course of a ticket I discovered this format.

As Kenneth said, this feature was not completed, and may be removed at any time.

However since the point of the forums include unsupported configurations, I am sharing the syntax.

Code:
[email protected] [~]# cat /var/cpanel/smtpmailgidonly/conf.yaml
---
  RULES:
    -
      type: "uid"
      value: 500
      name: "jerry"
As far as I can tell, valid options include the following:

Type: uid, guid
value: value to match against
name: presumably the name for the user or group
args: UNSURE, it is in use for the cpanel user, however I am unsure of its usage.

I would like to reiterate again that this was never intended for production, and as such may be removed at any time.

If you don't know YAML files that well, I suggest using PHP to make an array, convert it to JSON, then convert it to YAML.

Here is how I did so:

codepad

Code:
PHP:
<?php
$ar = array("RULES"=>array(array("type"=>'uid','value'=>500,'name'=>"jerry")));
echo json_encode($ar);
I then went to Convert JSON to YAML Online and in every language and converted it to YAML.

Thanks!
 

ozark

Member
Sep 14, 2004
10
0
151
Thank you for providing details about this experimental feature.

You confirm that this could be removed any time and I have moved on to CSF, but it is always interesting to get more information about the inner workings of cpanel files, experimental or not.