Require localhost SMTP auth

dorkstanner

Registered
Oct 24, 2018
2
0
1
Australia
cPanel Access Level
Root Administrator
Hello,

I've been doing research to find out if I can change my server to require smtp auth for localhost to prevent scripts/php from getting uploaded to a compromised account and being able to fully utilize our email server. Does anyone know how this would be done? I haven't been able to find any info.

Thanks!
~Tanner
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,908
2,216
463
Hello,

Anyone that can authenticate as a local cPanel user can use the 127.0.0.1 IP address to send mail without additional authentication (since the user already authenticated into cPanel). This can make it difficult for system administrators to determine which cPanel account sent the mail, especially when a malicious user spoofs an email address to disguise the origin of the email.

To require cPanel & WHM to put the actual sender in the header, enable the Experimental: Rewrite From: header to match actual sender option in WHM's Exim Configuration Manager interface (Home >> Exim Service Configuration >> Exim Configuration Manager).

This is documented at:

How to Prevent Email Abuse - cPanel Knowledge Base - cPanel Documentation

Once this option is enabled, you can more easily identify any senders using the server to send out SPAM, and then suspend those accounts or change the passwords to prevent further delivery of such messages.

Thank you.