Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

limit mail account access to my IP

Discussion in 'E-mail Discussions' started by xml, Mar 1, 2014.

  1. xml

    xml Well-Known Member

    Joined:
    Jan 15, 2004
    Messages:
    79
    Likes Received:
    1
    Trophy Points:
    158
    Hello

    is thier a way to limit my mail account access to my IP only?

    I can not trust strong password only so I need more security proceedures to protect my mail account from spamers
     
    #1 xml, Mar 1, 2014
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    42,734
    Likes Received:
    1,706
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello :)

    Are you attempting to limit email access globally for the entire server or limit access to a single account?

    Thank you.
     
    #2 cPanelMichael, Mar 3, 2014
  3. xml

    xml Well-Known Member

    Joined:
    Jan 15, 2004
    Messages:
    79
    Likes Received:
    1
    Trophy Points:
    158
    Limit email access globally for the entire server.

    the past few days I am getting huge login failure alerted by LFD/csf firewall like this:
    and the pattern change to be attacks on mod_security:
    I really dont understand what is happening and why suddenly all these huge attacks!!!!
     
    #3 xml, Mar 3, 2014
    Last edited: Mar 3, 2014
  4. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    42,734
    Likes Received:
    1,706
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    The following options might be of help to you if you want to block access for all IP addresses except for your own:

    "WHM Home » Security Center » Host Access Control"

    "WHM Home » Security Center » cPHulk Brute Force Protection"

    Thank you.
     
    #4 cPanelMichael, Mar 3, 2014
  5. xml

    xml Well-Known Member

    Joined:
    Jan 15, 2004
    Messages:
    79
    Likes Received:
    1
    Trophy Points:
    158
    Thank you cPanelMichael,

    I already done that long time ago but that didnt stop the spammer from hijacking my email account password.

    If I already configured /etc/hosts.deny to ALL:ALL and etc/hosts.allow to allow ONLY my Ip adress, how the spammer was able access my email account with different IP adress than mine?
     
    #5 xml, Mar 4, 2014
  6. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    42,734
    Likes Received:
    1,706
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    We need more information about the emails that were sent out to address that question. For instance, what information were you able to obtain from the mail headers or logs in /var/log/exim_mainlog?

    Thank you.
     
    #6 cPanelMichael, Mar 4, 2014
  7. xml

    xml Well-Known Member

    Joined:
    Jan 15, 2004
    Messages:
    79
    Likes Received:
    1
    Trophy Points:
    158
    There is no doubts the spam emails were sent from my server, when I checked (mail queue manager) in WHM there were hundreds of those emails listed and waiting to be sent as shown in the attached image.

    what info do I need from mail headers or logs in /var/log/exim_mainlog? from the attachement its is obvious the spam is sent from my server and it stopped after I changed the email account password (strong one this time)
     

    Attached Files:

    #7 xml, Mar 4, 2014
  8. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    42,734
    Likes Received:
    1,706
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    The mail headers and logs in /var/log/exim_mainlog might help explain "how" the messages were sent out (e.g. authentication or through a PHP script).

    Thank you.
     
    #8 cPanelMichael, Mar 4, 2014
  9. xml

    xml Well-Known Member

    Joined:
    Jan 15, 2004
    Messages:
    79
    Likes Received:
    1
    Trophy Points:
    158
    Ok, here is the headers of one of spam emails:

     
    #9 xml, Mar 5, 2014
  10. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    42,734
    Likes Received:
    1,706
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Is that a header of a message that you see in the mail queue? If you search for "determine spam source" on our forums you will see several threads that will help you through the process of how to identify the source of a SPAM message. EX:

    SPAM Mail Sent From Server

    Thank you.
     
    #10 cPanelMichael, Mar 5, 2014
(You must log in or sign up to post here.)
Loading...
Similar Threads - limit mail account
  1. ally1

    Limit Max Incoming e-mails per account?

    ally1, Apr 19, 2018 at 3:14 AM, in forum: E-mail Discussions
    Replies:
    2
    Views:
    52
    cPanelMichael
    Apr 19, 2018 at 10:52 AM
  2. webalfa

    Find accounts that have hit hourly emails limit?

    webalfa, Apr 18, 2018 at 2:47 AM, in forum: E-mail Discussions
    Replies:
    2
    Views:
    71
    cPanelLauren
    Apr 18, 2018 at 9:02 AM
  3. rangka_kacang

    SOLVED Limit Hourly Email By Domain Instead Of By Server Account

    rangka_kacang, Feb 14, 2018, in forum: E-mail Discussions
    Replies:
    2
    Views:
    152
    cPanelMichael
    Feb 14, 2018
  4. RyokoX

    Limiting cPanel account's default mailbox.

    RyokoX, May 16, 2017, in forum: E-mail Discussions
    Replies:
    2
    Views:
    521
    cPanelJasonT
    May 17, 2017
  5. Tom Cooper

    E-Mail Account Limits

    Tom Cooper, Nov 29, 2016, in forum: E-mail Discussions
    Replies:
    2
    Views:
    481
    cPanelMichael
    Nov 30, 2016

Share This Page