Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

SECURITY: List Of All Your Valid Email Addresses Given To Spamers!

Discussion in 'Security' started by LanceHaverkamp, Jan 26, 2005.

  1. LanceHaverkamp

    Joined:
    Jun 12, 2003
    Messages:
    5
    Likes Received:
    0
    Trophy Points:
    151
    New Security Hole X-PopBeforeSMTPSenders:

    The outgoing mail server is adding the following header:

    X-PopBeforeSMTPSenders: [followed by a list of EVERY SINGLE valid email address on your ENTIRE domain]

    to each & every outgoing email--including autoresponders & boxtrapper challenges! Every spammer is being delivered a list of your entire domain's valid email addresses in the header of every reply!

    This must be removed.

    Lance
    :mad:
     
  2. weaver

    weaver Active Member

    Joined:
    Jan 19, 2005
    Messages:
    30
    Likes Received:
    0
    Trophy Points:
    156
    Hi -

    This isn't a security hole and it certainly isn't new but if you search the web you will find many heated discussions regarding it's use, see: http://www.webhostingtalk.com/showthread.php?threadid=333272

    Personally, I don't see the point if smtp-auth is in use though the war against spam is probably far more important than my humble opinion I suppose :eek: If you don't like it you can easily remove it from exim ;)
     
    #2 weaver, Jan 26, 2005
    Last edited: Jan 26, 2005
  3. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,470
    Likes Received:
    21
    Trophy Points:
    463
    Location:
    Go on, have a guess
    Well, you could simply disable the feature in Tweak Settings if you don't want it.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice