Sendmail doesn't allow nobody - unexpected setting

[ottdev]

Recently programs stopped sending mail under https:// using the server-wide (shared) SSL domain, while they could still be used under the domain proper without SSL.

We narrowed it down to the use of sendmail. For those scripts which supported it, changing to use SMTP got them working again. The error using sendmail was:
sendmail: sendmail cannot be called directly from a shell with the current user id

Changing the setting: Prevent “nobody” from sending mail made no difference on or off.
It was “Track email origin via X-Source email headers” which we had recently turned on which caused our issue. Turning it off again got the remaining scripts working again.

It's not obvious this setting would have that kind of effect. Is it a bug? If not, perhaps having a warning about this potentially unwanted side effect in the WHM beside this setting would be helpful.

 

[cPanelMichael]

Hello

Could you let us know which version of cPanel is installed on your system, and at what point the issue started? Are these accounts assigned a jailed shell environment?

Thank you.

 

[ottdev]

Version 54-build19
The users have no shell access
It started several weeks ago when we changed that setting (at the time we were on the previous version). Toggling this setting on and off again reproduces the issue. It causes sendmail to refuse mail from nobody.
Track email origin via X-source email headers

So users with formmail contact forms or shopping carts or signups in forums, blogs or other scripts being run under
https://serverwideSSL.domain.tld/~user/
stop sending out mail if they call to sendmail because they come from the nobody user

They continue working not protected by SSL under
http://clientdomain.tld/
because then they are sent as the actual user

The NMS formmail scripts were easy to fix as their configuration already allows for use of SMTP as an alternative.

 

[cPanelMichael]

Could you open a support ticket using the link in my signature so we can take a closer look? You can post the ticket number here so we can update this thread with the outcome.

Thank you.

 

[urantian]

After moving to a new server, I have been experiencing this same issue with the NOBODY user being unable to use SENDMAIL. I, too, have been getting this error message:

"sendmail cannot be called directly from a shell with the current user id"

I had already set this property to OFF:

Prevent “nobody” from sending mail

I just now discovered this thread! Finally, after setting "Track email origin via X-Source email headers" to OFF, my problem is now solved.

I am using WHM 60.0 (build 15). Apparently, this apparent "bug" still exists.

Michael

 

[cPanelMichael]

Hello,

Could anyone else experiencing this issue let us know if the "/scripts/clear_orphaned_virtfs_mounts --clearall" command addresses the problem?

Thank you.