The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

SECURITY: List Of All Your Valid Email Addresses Given To Spamers!

Discussion in 'Security' started by LanceHaverkamp, Jan 26, 2005.

  1. LanceHaverkamp

    Joined:
    Jun 12, 2003
    Messages:
    5
    Likes Received:
    0
    Trophy Points:
    1
    New Security Hole X-PopBeforeSMTPSenders:

    The outgoing mail server is adding the following header:

    X-PopBeforeSMTPSenders: [followed by a list of EVERY SINGLE valid email address on your ENTIRE domain]

    to each & every outgoing email--including autoresponders & boxtrapper challenges! Every spammer is being delivered a list of your entire domain's valid email addresses in the header of every reply!

    This must be removed.

    Lance
    :mad:
     
  2. weaver

    weaver Active Member

    Joined:
    Jan 19, 2005
    Messages:
    30
    Likes Received:
    0
    Trophy Points:
    6
    Hi -

    This isn't a security hole and it certainly isn't new but if you search the web you will find many heated discussions regarding it's use, see: http://www.webhostingtalk.com/showthread.php?threadid=333272

    Personally, I don't see the point if smtp-auth is in use though the war against spam is probably far more important than my humble opinion I suppose :eek: If you don't like it you can easily remove it from exim ;)
     
    #2 weaver, Jan 26, 2005
    Last edited: Jan 26, 2005
  3. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    Well, you could simply disable the feature in Tweak Settings if you don't want it.
     
Loading...

Share This Page