The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Disable localrelay without authentication- how to do it and should I do it?

Discussion in 'Security' started by maestroc, Sep 24, 2014.

  1. maestroc

    maestroc Active Member

    Joined:
    Aug 23, 2012
    Messages:
    34
    Likes Received:
    0
    Trophy Points:
    6
    cPanel Access Level:
    Reseller Owner
    I run a very small VPS with a few clients that I have developed sites for. I've discovered that at least one of them is infected and sending out spam. I discovered this when I started getting emails like this:

    lfd on vps.xyz.net: LOCALRELAY Alert for vibre

    Time: Wed Sep 24 09:28:45 2014 -0700
    Type: LOCALRELAY, Local Account - vibre
    Count: 101 emails relayed
    Blocked: No

    While I work to figure out where the infected files are can someone tell me how I can disable the ability for scripts to send email without authenticating via SMTP?

    Are there any downsides to doing this? What would you do if you were in this position?

    Thank you!
     
Loading...

Share This Page