Disable outgoing mails from system users.

amolmistry · Mar 5, 2013

Hello,

Noticed that there are lots of mails being sent from user@hostname.com (this is the user when it gets created when we Add hosting of domain name in cPanel)

Any Idea how to disable spamming from such users?

Infopro · Mar 5, 2013

In cPanel:
Set Up a Default Address - cPanel Documentation

Select "Discard with error to sender" add a message, No Such User Here

in WHM for new accounts:
Home » Server Configuration » Tweak Settings, Mail tab.

Initial default/catch-all forwarder destination [?]
Forwarding destination for a new account’s catch-all/default address. (Users may modify this value via the Default Address interface in cPanel.) “Fail” rejects the message and notifies the remote SMTP server. This is usually the best choice if you are getting mail attacks. “Blackhole” accepts and processes the message but then silently discards it. This avoids notifying the remote SMTP server but violates SMTP RFC 5321 and generally should not be used.
Click to expand...

Select "Fail" here and save configuration.

anton_latvia · Mar 5, 2013

Well, depends what kind of scripts those users use to send mail. You can disable mail() function in PHP, so will have to use SMTP with authentication. Or better search and block those scripts, which generate spam. Since this could be also "good" emails, each case should be investigated separately.

amolmistry · Mar 5, 2013

Infopro said: ↑

In cPanel:
Set Up a Default Address - cPanel Documentation

Select "Discard with error to sender" add a message, No Such User Here

in WHM for new accounts:
Home » Server Configuration » Tweak Settings, Mail tab.

Select "Fail" here and save configuration.
Click to expand...

Hi Infopro,

But thing is I wish to discard the mails which are being sent from system user accounts (which are got created while adding hosting i.e. cpanel.com user : cpanel (cpanel@hostname.com)).

Infopro · Mar 5, 2013

I'm sorry, your query is unclear to me.

System emails, for example quota or email box full emails, are sent to the system user. user @host.servername.com and are forwarded to that users real, Contact email address. user @host.servername.com is not a "real" email address.

ConfigServer blog has a post on this located here you might find interesting:
Why you should use :fail:

amolmistry · Mar 5, 2013

I'm really very sorry Infopro, I mean to say, there are spamming is happening from that user which are getting creating after Account addition, check attached screenshot and check yellow highlighted part so that you will come to know exactly what I mean.

Infopro · Mar 5, 2013

Well, we'd have to see some of the emails I think to be able to give you proper direction.

User mileshig is the cPanel user. He can't send emails out on "his" own. His scripts could, as Anton mentions above. For mileshig to send email, he'd have to create an actual email account, which by your image, he does not have right now.

Depending on the settings I mentioned previously, a spammer could send emails to anyname at mileshig's domain.com

SoftDux · Mar 6, 2013

I can add to this:

Let's say Bob's email address was hijacked and now bob@somedomain.ltd sends spam, using outlook (or any other email client) through SMTP.

How does one stop all outgoing mail for a certain user, or domain?

amolmistry · Mar 6, 2013

Hello,

Atleast is there any option to disable mailing services for specific user/email id?

Forums

The Community Forums

Interact with an entire community of cPanel & WHM users!

Disable outgoing mails from system users.

amolmistry Member

Infopro cPanel Sr. Product Evangelist
Staff Member

anton_latvia Well-Known Member
PartnerNOC

amolmistry Member

Infopro cPanel Sr. Product Evangelist
Staff Member

amolmistry Member

Infopro cPanel Sr. Product Evangelist
Staff Member

SoftDux Well-Known Member

amolmistry Member

Domain has outgoing email disabled

Domain has outgoing email disabled

How to verify plain text logins are disabled

SOLVED Disable Two Factor Authentication with SSH from rescue system

How to Disable Updating of Individual EA Module

Share This Page

Useful Searches

The Community Forums

Interact with an entire community of cPanel & WHM users!

Disable outgoing mails from system users.

amolmistry Member

Infopro cPanel Sr. Product Evangelist Staff Member

anton_latvia Well-Known Member PartnerNOC

amolmistry Member

Infopro cPanel Sr. Product Evangelist Staff Member

amolmistry Member

Infopro cPanel Sr. Product Evangelist Staff Member

SoftDux Well-Known Member

amolmistry Member

Domain has outgoing email disabled

Domain has outgoing email disabled

How to verify plain text logins are disabled

SOLVED Disable Two Factor Authentication with SSH from rescue system

How to Disable Updating of Individual EA Module

Share This Page

Infopro cPanel Sr. Product Evangelist
Staff Member

anton_latvia Well-Known Member
PartnerNOC

Infopro cPanel Sr. Product Evangelist
Staff Member

Infopro cPanel Sr. Product Evangelist
Staff Member