cPanel and LFD/CSF SMTP restrictions?

david364

Active Member
Sep 15, 2013
29
4
8
cPanel Access Level
Reseller Owner
As I understand it, cPanel and LFD both offer SMTP (outgoing) email restrictions to prevent malicious scripts from sending email via weird system users such as "nobody". This is a very important feature to prevent spamming/viruses/malware, yet I haven't found an explanation for why it is supported both in cPanel and LFD (if it is). As a server beginner, this confuses me.

Should the cPanel TWEAK be enabled or disabled when LFD is running? Is there a similar feature in LFD, and how can I find it?

Recently, when I upgraded LFD (due to seeing an upgrade needed notice that I chanced upon when looking at the LFD management interface, because apparently LFD can't automatically update itself the way cPanel does), I saw a notice from LFD that said that the cPanel TWEAK for smtp should be turned OFF. I did this, but now I'm worried that I have less protection. I can't find this TWEAK in LFD.

What should I do, and why? (Optional: why doesn't the systems software just do the right thing automatically to provide correct protection automatically, and only require intervention and understanding from users who want a less secure environment?)
 

rpvw

Well-Known Member
Jul 18, 2013
1,088
446
113
Spain
cPanel Access Level
Root Administrator
I can't find this TWEAK in LFD.
This is in the CSF > Firewall Configuration > SMTP Settings > SMTP_BLOCK
Block outgoing SMTP except for root, exim and mailman (forces scripts/users
to use the exim/sendmail binary instead of sockets access). This replaces the
protection as WHM > Tweak Settings > SMTP Tweaks

This option uses the iptables ipt_owner/xt_owner module and must be loaded
for it to work. It may not be available on some VPS platforms

Note: Run /etc/csf/csftest.pl to check whether this option will function on
this server
 
  • Like
Reactions: Gino Viroli

cPanelMichael

Technical Support Community Manager
Staff member
Apr 11, 2011
47,911
2,233
363
cPanel Access Level
DataCenter Provider
Twitter
Hello,

Keep in mind that CSF/LFD is a third-party application and isn't something that's developed or included by default with cPanel & WHM. Often times third-party developers will make applications such as CSF to improve or add additional features that aren't natively included with the product.

As far as why the "SMTP Restrictions" feature is disabled by default, it's because scripts uploaded to websites will often connect to remote mail servers for the purpose of sending email. It's up to the administrator to determine if they want a more strict environment for sending emails. Here's a document you may find helpful if you'd like to know additional methods to prevent email abuse:

How to Prevent Email Abuse - cPanel Knowledge Base - cPanel Documentation

Thank you.