Disable outgoing mails from system users.

Infopro

Well-Known Member
May 20, 2003
17,113
507
613
Pennsylvania
cPanel Access Level
Root Administrator
Twitter
In cPanel:
Set Up a Default Address - cPanel Documentation

Select "Discard with error to sender" add a message, No Such User Here

in WHM for new accounts:
Home » Server Configuration » Tweak Settings, Mail tab.

Initial default/catch-all forwarder destination [?]
Forwarding destination for a new account’s catch-all/default address. (Users may modify this value via the Default Address interface in cPanel.) “Fail” rejects the message and notifies the remote SMTP server. This is usually the best choice if you are getting mail attacks. “Blackhole” accepts and processes the message but then silently discards it. This avoids notifying the remote SMTP server but violates SMTP RFC 5321 and generally should not be used.
Select "Fail" here and save configuration.
 

anton_latvia

Well-Known Member
PartnerNOC
May 11, 2004
390
12
168
Latvia
cPanel Access Level
Root Administrator
Well, depends what kind of scripts those users use to send mail. You can disable mail() function in PHP, so will have to use SMTP with authentication. Or better search and block those scripts, which generate spam. Since this could be also "good" emails, each case should be investigated separately.
 

amolmistry

Member
Sep 3, 2012
24
0
1
cPanel Access Level
Root Administrator
In cPanel:
Set Up a Default Address - cPanel Documentation

Select "Discard with error to sender" add a message, No Such User Here

in WHM for new accounts:
Home » Server Configuration » Tweak Settings, Mail tab.



Select "Fail" here and save configuration.
Hi Infopro,

But thing is I wish to discard the mails which are being sent from system user accounts (which are got created while adding hosting i.e. cpanel.com user : cpanel ([email protected])).
 

Infopro

Well-Known Member
May 20, 2003
17,113
507
613
Pennsylvania
cPanel Access Level
Root Administrator
Twitter
I'm sorry, your query is unclear to me.

System emails, for example quota or email box full emails, are sent to the system user. user @host.servername.com and are forwarded to that users real, Contact email address. user @host.servername.com is not a "real" email address.

ConfigServer blog has a post on this located here you might find interesting:
Why you should use :fail:
 

amolmistry

Member
Sep 3, 2012
24
0
1
cPanel Access Level
Root Administrator
I'm really very sorry Infopro, I mean to say, there are spamming is happening from that user which are getting creating after Account addition, check attached screenshot and check yellow highlighted part so that you will come to know exactly what I mean.Capture.JPG
 

Infopro

Well-Known Member
May 20, 2003
17,113
507
613
Pennsylvania
cPanel Access Level
Root Administrator
Twitter
Well, we'd have to see some of the emails I think to be able to give you proper direction.

User mileshig is the cPanel user. He can't send emails out on "his" own. His scripts could, as Anton mentions above. For mileshig to send email, he'd have to create an actual email account, which by your image, he does not have right now.

Depending on the settings I mentioned previously, a spammer could send emails to anyname at mileshig's domain.com