I want to uninstall sendmail from cPanel & WHM 64.0 (build 12)
Please help me
Please help me
Last edited by a moderator:
Infopro
Well-Known Member
Thanks for your response.
I am using Exim and I want only Exim in my server no sendmail
I do not want sendmail because in my hosting lot website are build with 3rd party software and they are utilizing sendmail to send huge amount of spam emails.
Sendmail is of no help for me.
Please help me.
I am using Exim and I want only Exim in my server no sendmail
I do not want sendmail because in my hosting lot website are build with 3rd party software and they are utilizing sendmail to send huge amount of spam emails.
Sendmail is of no help for me.
Please help me.
Infopro
Well-Known Member
Allready added "mail" in disable_functions option in PHP configuration.
Still spam mails are sent.
Still spam mails are sent.
Hello,
You may find the following document helpful:
How to Prevent Email Abuse - cPanel Knowledge Base - cPanel Documentation
In particular, the section on "SMTP Restrictions" explains how this feature ensures spammers cannot directly interact with remote mail servers or work around mail security settings.
Thank you.
"SMTP Restrictions" is enabled.
What is bothering me is no record of the spam emails are found on "Mail Delivery Reports".
But IP listed in RBLs
What is bothering me is no record of the spam emails are found on "Mail Delivery Reports".
But IP listed in RBLs
Hello,
You may want to contact the individual RBL list administrators to request delisting or to ask for more information about why your IP is added to the black list.
Thank you.
When I contact the RBL they say stop spam mails from your IP, when they stop your IP will be delisted.
Few website build with wordpress are the culprit they were hacked. They send endless spam mail continuously.
I told the owners of those site to fix the problem else I have to keep the sites suspended.
They simply left.
I am losing clients.
I want to keep Exim only.
I do not need "sendmail" at all. I want to uninstall it.
Please help.
Few website build with wordpress are the culprit they were hacked. They send endless spam mail continuously.
I told the owners of those site to fix the problem else I have to keep the sites suspended.
They simply left.
I am losing clients.
I want to keep Exim only.
I do not need "sendmail" at all. I want to uninstall it.
Please help.
Hello,
You may want to consider enabling the "Prevent “nobody” from sending mail" option under the "Mail" tab in "WHM >> Tweak Settings" and then ensuring any problematic accounts are assigned a version of PHP that uses a handler such as CGI:
MultiPHP Manager for WHM - Version 64 Documentation - cPanel Documentation
However, generally the better approach is to address the hacked WordPress installations:
What log files to check after an account gets hacked/defaced?
Thank you.
You may want to consider enabling the "Prevent “nobody” from sending mail" option under the "Mail" tab in "WHM >> Tweak Settings" and then ensuring any problematic accounts are assigned a version of PHP that uses a handler such as CGI:
MultiPHP Manager for WHM - Version 64 Documentation - cPanel Documentation
However, generally the better approach is to address the hacked WordPress installations:
What log files to check after an account gets hacked/defaced?
Thank you.
"Prevent “nobody” from sending mail" option under the "Mail" tab in "WHM >> Tweak Settings" is already enabled.
I have checked the logs of the hacked domains-
/var/log/apache2/domlogs/hacked domain name folder
/var/log/apache2/domlogs/hacked domain name file
/var/log/apache2/domlogs/hacked domain name-bytes_log
Any of this has no record.
But amazingly all other domain has records showing which IP accessed what.
Now, what to do except uninstalling "sendmail"
I have checked the logs of the hacked domains-
/var/log/apache2/domlogs/hacked domain name folder
/var/log/apache2/domlogs/hacked domain name file
/var/log/apache2/domlogs/hacked domain name-bytes_log
Any of this has no record.
But amazingly all other domain has records showing which IP accessed what.
Now, what to do except uninstalling "sendmail"
Hello,
Disabling sendmail can break certain functionality (e.g. Autoresponders, Notifications) on a cPanel system and is unsupported. You're going to need to determine the source of the SPAM messages or implement other methods of preventing email abuse. If you wanted to temporarily disable sendmail to see if that helps you to identify the source of SPAM, then you'd rename the "/sbin/sendmail" file to something else.
Thank you.
Disabling sendmail can break certain functionality (e.g. Autoresponders, Notifications) on a cPanel system and is unsupported. You're going to need to determine the source of the SPAM messages or implement other methods of preventing email abuse. If you wanted to temporarily disable sendmail to see if that helps you to identify the source of SPAM, then you'd rename the "/sbin/sendmail" file to something else.
What PHP handler is enabled for the versions of PHP installed on the system?
Thank you.
In my server PHP handler is "suphp" for ea-php55, ea-php56, ea-php70
And in Home »Software »MultiPHP INI Editor, disable_functions = symlink, show_source, system, shell_exec, passthru, exec, phpinfo, popen, proc_open, allow_url_fopen, ini_set, phpmail, mail
Another thing please tell me how to get log records of mails sent by "sendmail"? like exim provides.
Thank you.
Last edited:
You'd need to switch to a handler such as CGI or DSO (where Apache runs as the "nobody" user) if you wanted the "Prevent “nobody” from sending mail" option to be more effective. However, generally the better approach is to implement better security practices to prevent exploits to scripts installed on the websites. There's a thread on this topic at:
Log Checking
Exim logs email activity to the /var/log/exim_mainlog file. The following thread is useful if you want to search this log:
Reading and Understanding the exim main_log
Thank you.
There is nothing you can do to stop them from sending email that is spoofed. You can send an email and have it look like it's coming from anywhere, and your outgoing email server (if configured to accept it, which spammers obviously would) and it will accept it. Adding an SPF record might reduce the number of those emails received by people.
You need to add (or append) to a TXT record in DNS.
v=spf1 include:your.email.domain.here -all
You can include more domains by adding another include: like:
v=spf1 include:blah1.blach1.com include:blah.blah.com -all
You need to add (or append) to a TXT record in DNS.
v=spf1 include:your.email.domain.here -all
You can include more domains by adding another include: like:
v=spf1 include:blah1.blach1.com include:blah.blah.com -all
Exim still processes the messages so activity is logged to /var/log/exim_mainlog. Another option to consider is to use a third-party application such as CSF/LFD:
https://download.configserver.com/csf/readme.txt
Search the above document for "LF_SCRIPT_LIMIT" for information about this feature can notify you about messages sent from the server through scripts.
Thank you.
| Thread starter | Similar threads | Forum | Replies | Date |
|---|---|---|---|---|
| I | In Progress CPANEL-38632 - Horde spell check stopped working | 2 | ||
|
Stop sendmail spam | 2 | ||
| V | How to stop sendmail? | 2 | ||
| C | SENDMAIL stoped | 2 | ||
|
Cpanel 6.2.0-R18 sendmail stoped | 8 |