Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Cpanel's exim a security hole according to nessusd

Discussion in 'Security' started by BianchiDude, Jul 26, 2009.

  1. BianchiDude

    BianchiDude Well-Known Member
    PartnerNOC

    Joined:
    Jul 2, 2005
    Messages:
    619
    Likes Received:
    0
    Trophy Points:
    166
    I ran a scan on my cpanel server with nessusd and its saying exim is a security hole:
    results|com|mydomain.com|smtp (25/tcp)|11852|Security Hole|\nSynopsis :\n\nAn open SMTP relay is running on this port.\n\nDescription :\n\nThe remote SMTP server is insufficiently protected against relaying. \nThis means that it allows spammers to use your mail server to send \ntheir mails to the world, thus wasting your network bandwidth.\n\nSolution :\n\nReconfigure your SMTP server so that it cannot be used as a relay \nany more.\n\nRisk factor :\n\nHigh / CVSS Base Score : 7.8\n(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C)\n\nPlugin output :\n\nNessus was able to relay mails by sending those sequences :\n\n MAIL FROM: <nessus@mydomain.com>\n RCPT TO: <nobody%example.com@mydomain.com>\n\n

    How can I fix this?

    TIA
     
    #1 BianchiDude, Jul 26, 2009
  2. cPanelDavidG

    cPanelDavidG Technical Product Specialist

    Joined:
    Nov 29, 2006
    Messages:
    11,216
    Likes Received:
    10
    Trophy Points:
    313
    Location:
    Houston, TX
    cPanel Access Level:
    Root Administrator
    cPanel/WHM does not set up an open relay. However, POP before SMTP authentication will trigger scanners into thinking you have an open relay. POP before SMTP authentication is enabled by default and allows anyone who has successfully authenticated via POP3 within the past 30 minutes to send outbound mail via your server.

    This is different from an open relay where server authentication is not required at all.

    If you want to force SMTP authentication for all outbound mail (effectively disabling POP before SMTP authentication), go to WHM -> Service Configuration -> Service Manager and uncheck "Antirelayd" (under TailwatchD). Then click "save" at the bottom of the page.
     
    #2 cPanelDavidG, Jul 27, 2009
  3. BianchiDude

    BianchiDude Well-Known Member
    PartnerNOC

    Joined:
    Jul 2, 2005
    Messages:
    619
    Likes Received:
    0
    Trophy Points:
    166
    Thank you for clarifying this.
     
    #3 BianchiDude, Jul 27, 2009
(You must log in or sign up to post here.)
Loading...
Similar Threads - Cpanel's exim security
  1. albatroz

    Improving cPanel's default Spamassasin efficacy

    albatroz, Sep 13, 2017, in forum: E-mail Discussion
    Replies:
    1
    Views:
    288
    cPanelMichael
    Sep 13, 2017
  2. cotswoldphoto

    ionCube Loader for cPanel's internal PHP

    cotswoldphoto, Oct 12, 2016, in forum: General Discussion
    Replies:
    7
    Views:
    2,800
    cPanelMichael
    Oct 13, 2016
  3. mehdix92

    Disable Exim Reverse DNS check

    mehdix92, Jun 14, 2018 at 9:50 AM, in forum: E-mail Discussion
    Replies:
    1
    Views:
    37
    cPanelMichael
    Jun 14, 2018 at 10:14 AM
  4. katmai

    Exim - Retry time not reached for any host

    katmai, Jun 14, 2018 at 4:46 AM, in forum: E-mail Discussion
    Replies:
    1
    Views:
    40
    cPanelMichael
    Jun 14, 2018 at 10:40 AM
  5. Bashed

    EXIM Slow

    Bashed, Jun 12, 2018 at 12:53 PM, in forum: E-mail Discussion
    Replies:
    1
    Views:
    43
    cPanelMichael
    Jun 12, 2018 at 1:51 PM

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...
    Dismiss Notice