The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Preventing 127.0.0.1/localhost spamming via exim

Discussion in 'General Discussion' started by optize, Apr 9, 2012.

  1. optize

    optize Well-Known Member

    Joined:
    Apr 27, 2005
    Messages:
    144
    Likes Received:
    0
    Trophy Points:
    16
    This doesn't happen very often, but when it does happen it creates quite a mess...

    Someone will use jailshell/ssh to log in and tunnel in spam via localhost. Since it doesn't come in via apache/php/litespeed/whatever, it's not being tracked to their account.

    CSF does detect the outbound spam, but has no ways of stopping it, unless I'm missing something:

    --
    Time: Mon Apr 9 06:16:54 2012 -0700
    Type: LOCALHOSTRELAY, localhost - 127.0.0.1
    Count: 150 emails relayed
    Blocked: No

    Sample of the first 10 emails:

    2012-04-09 06:16:51 [217979] 1SHESg-000uhn-4d <= removed@removed H=localhost.localdomain (User) [127.0.0.1]:51686 I=[127.0.0.1]:25 P=smtp S=1935 T="Read This And Get Back To Me Please" from <removed@removed.com> for removed@removed.com,removed@removed.com,etc..
    --

    There has to be a way to either track to this to the account, so the max exim emails per hour restriction will take effect, or a way to not allow this kind of relaying, without breaking web scripts, etc.

    I can't be the only one that has ran into this issue...
     
  2. optize

    optize Well-Known Member

    Joined:
    Apr 27, 2005
    Messages:
    144
    Likes Received:
    0
    Trophy Points:
    16
    #2 optize, Apr 9, 2012
    Last edited: Apr 9, 2012
  3. mephisto

    mephisto Member

    Joined:
    Feb 1, 2010
    Messages:
    19
    Likes Received:
    0
    Trophy Points:
    1
    We have the same problem. 11.32 doesn't seem to have it fixed. Any ideas? Maybe someone from cPanel team can respond?
     
  4. cPanelTristan

    cPanelTristan Quality Assurance Analyst
    Staff Member

    Joined:
    Oct 2, 2010
    Messages:
    7,623
    Likes Received:
    21
    Trophy Points:
    38
    Location:
    somewhere over the rainbow
    cPanel Access Level:
    Root Administrator
Loading...

Share This Page