The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Enable Outbound Mail Password...

Discussion in 'E-mail Discussions' started by schoeps, Jan 3, 2007.

  1. schoeps

    schoeps Well-Known Member

    Joined:
    Sep 22, 2004
    Messages:
    51
    Likes Received:
    0
    Trophy Points:
    6
    Is there a way in cpanel/whm to enable the sendmail password? Someone is using my mail.xxxx.com to send mail...

    Thank you friends!
    Sch
     
  2. mohit

    mohit Well-Known Member

    Joined:
    Jul 12, 2005
    Messages:
    553
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Sticky On Internet
  3. schoeps

    schoeps Well-Known Member

    Joined:
    Sep 22, 2004
    Messages:
    51
    Likes Received:
    0
    Trophy Points:
    6
    Thanks for the quick reply and script, I dont see what is preventing users from just sending mail using anything (ie outlook) just using mail.xxxyyy.com... There has to be a way to turn on outbound authentication... right?
     
  4. sparek-3

    sparek-3 Well-Known Member

    Joined:
    Aug 10, 2002
    Messages:
    1,381
    Likes Received:
    23
    Trophy Points:
    38
    cPanel Access Level:
    Root Administrator
    By default, cPanel systems have two authentication methods for allowing users to relay mail through the server. The most common is POP-before-SMTP. The other being SMTP authentication. POP-before-SMTP works by first making users log in and check a valid POP account on the server. When they do this, the IP that performed this POP check is added to a relay list, and then that IP is allowed to send out mail for 30 minutes (I think). The user must check for mail again (regardless of whether or not there is any new mail in the mailbox) within the next 30 minutes to be able to continue to send mail.

    SMTP authentication works by taking advantage of special SMTP instructions that authenticates a user via the SMTP protocol and allows relaying for that particular SMTP session. The SMTP username and password is the same as what would be used for checking mail with the POP account.

    Is someone from that IP logging into a valid mail account and checking for mail? If so, then that IP would be allowed to relay mail. If you know the IP that is relaying mail, then you can check the maillog (/var/log/maillog) to see who has logged into the POP/IMAP server from what IP and what mail account was checked. If SMTP authentication is used this would be noted in the exim_mainlog (/var/log/exim_mainlog).

    If you want to force users to use SMTP authentication, then you need to stop the antirelayd process from running on your server. The antirelayd process is responsible for determining what IP logged into the POP/IMAP server and adding that IP to the IPs that can relay out mail. If this process is not running, then this essentially stops POP-before-SMTP.

    Hope this helps.
     
  5. schoeps

    schoeps Well-Known Member

    Joined:
    Sep 22, 2004
    Messages:
    51
    Likes Received:
    0
    Trophy Points:
    6
    Wow, thank you so much for the detailed response, I certainly appreciate it :) Must be someone from an IP of a good mail user, will look at the logs, thanks again!
     
Loading...

Share This Page