The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

SMTP Tweak problem !

Discussion in 'Security' started by soulaymane-x, Apr 18, 2012.

  1. soulaymane-x

    soulaymane-x Member

    Joined:
    Apr 18, 2012
    Messages:
    9
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    Hello,

    I tried a lot of times to enable the SMTP Tweak option , but when i click enable i get this error :

    An error occurred attempting to update this setting.

    Can you please help me to fix this problem ?

    and thank you,
     
  2. NixTree

    NixTree Well-Known Member

    Joined:
    Aug 19, 2010
    Messages:
    386
    Likes Received:
    1
    Trophy Points:
    18
    Location:
    Gods Own Country
    cPanel Access Level:
    Root Administrator
    Hello,

    Did you check the cPanel error log, for the detailed error message. Also, if CSF is installed you can use SMTP_BLOCK which replaces cPanel's SMTP Tweaks

    ===========
    # Block outgoing SMTP except for root, exim and mailman (forces scripts/users
    # to use the exim/sendmail binary instead of sockets access). This replaces the
    # protection as WHM > Tweak Settings > SMTP Tweaks
    #
    # This option uses the iptables ipt_owner/xt_owner module and must be loaded
    # for it to work. It may not be available on some VPS platforms
    #
    # Note: Run /etc/csf/csftest.pl to check whether this option will function on
    # this server
    SMTP_BLOCK = "0"
    ============

    Thank you,
    Nibin.
     
  3. judan

    judan Registered

    Joined:
    Mar 9, 2012
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Website Owner
    You might need authentication and/or SSL/TLS to use that SMTP server
     
  4. soulaymane-x

    soulaymane-x Member

    Joined:
    Apr 18, 2012
    Messages:
    9
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    SSL authentification is already enabled .
     
  5. soulaymane-x

    soulaymane-x Member

    Joined:
    Apr 18, 2012
    Messages:
    9
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    Is there any other suggestions of causes of this error ?
     
  6. soulaymane-x

    soulaymane-x Member

    Joined:
    Apr 18, 2012
    Messages:
    9
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    can you please tell what files take effect after clicking enable into smtp tweak to check if i have a problem in those files permissions .
     
  7. soulaymane-x

    soulaymane-x Member

    Joined:
    Apr 18, 2012
    Messages:
    9
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    When i try to enable it from ssh , i get this error :


    Starting SMTP Tweak: SMTP Mail protection has been disabled. All user may make smtp connections.

    There was a problem setting up iptables. You either have an older kernel or a broken iptables install, or ipt_owner could not be loaded.
     
  8. NetMantis

    NetMantis BANNED

    Joined:
    Apr 22, 2012
    Messages:
    117
    Likes Received:
    0
    Trophy Points:
    0
    Location:
    Utah
    cPanel Access Level:
    DataCenter Provider
    Sound like you are running an obsolete OS and don't have any of the normal core basics setup which is actually common for older servers running CentOS 4 or earlier. Most newer servers have iptables enabled by default ...

    Might try running this in your SSH shell as root: "yum -y install iptables coreutils binutils"

    (If you are not running CentOS or Redhat, you may need to use "apt-get" in place of "yum" in the previous command)

    Outside of the above, your server may be messed up a bit more than can be diagnosed here and might need someone to actually look at it to see what is going on with the machine.

    If the above doesn't solve your issue, send me a private message and I'd be glad to give you a hand sorting that out and coordinate with you to take a look at what is going on with your machine.

    As for "SMTP Tweak" itself, I would strongly recommend using CSF Firewall instead of "SMTP Tweak" in Cpanel; However, you can use neither of these if your base iptables is not working on your server since both CSF and Cpanel's SMTP Tweak are based upon iptables at least being installed and functioning correctly.

    Anyway, like I said, I got your back on this one. If you need one on one help with this let me know.

    Hopefully what I told you above helps you sort out your issue though.
     
  9. cPanelTristan

    cPanelTristan Quality Assurance Analyst
    Staff Member

    Joined:
    Oct 2, 2010
    Messages:
    7,623
    Likes Received:
    21
    Trophy Points:
    38
    Location:
    somewhere over the rainbow
    cPanel Access Level:
    Root Administrator
    On Virtuozzo or OpenVZ, the necessary modules to use iptables might not have been configured. You might want to talk to your VPS provider if that's the case where you are on a Virtuozzo or an OpenVZ environment.
     
  10. NetMantis

    NetMantis BANNED

    Joined:
    Apr 22, 2012
    Messages:
    117
    Likes Received:
    0
    Trophy Points:
    0
    Location:
    Utah
    cPanel Access Level:
    DataCenter Provider
    Yes, I'm actually thinking the exact same thing now ....

    Soulaymane-x sent me a private "thank you" message about an hour ago and among other things mentioned that his server is supposed to be running CentOS 5.8. If he were running any of the CentOS 4 version series, I would fully understand iptables not being installed by default but running CentOS 5.8 is a whole different story entirely and does indeed sound like he might be under a limited Virtuozzo or OpenVZ environment as that is the only way he wouldn't have iptables already installed.

    I absolutely hate and despise VZ (Virtuozzo or OpenVZ)!

    Aside from being extremely bad at managing VPS resource allocations, it has several really huge security holes which by it's core design could never be fixed or patched and also leaves the final end user very limited in the amount of control they have.

    Even with iptables added, a user under a VZ environment has no hope of being able to properly secure their server.

    I'm not going to add to hacking by naming those flaws specifically but rather just leave it at saying it's definitely not a good environment at all and I would not recommend anyone using that with Cpanel (or anything else for that matter)!

    There are a few VPS type of environments that are functionally robust and secure but VZ is not among those!
     
  11. soulaymane-x

    soulaymane-x Member

    Joined:
    Apr 18, 2012
    Messages:
    9
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    no im using a didicated server with this configuration :

    WHM 11.32.2 (build 18)
    CENTOS 5.8 x86_64 standard
     
  12. NetMantis

    NetMantis BANNED

    Joined:
    Apr 22, 2012
    Messages:
    117
    Likes Received:
    0
    Trophy Points:
    0
    Location:
    Utah
    cPanel Access Level:
    DataCenter Provider
    You have a DEDICATED SERVER with CentOS 5.8 x64 and no iptables installed?

    What in the world? You are 100% positive that is a dedicated server? :eek:

    Okay, got your private message, will definitely help you take a look at that though your situation is a bit strange.

    It shouldn't be doing what it is doing unless you were a VPS machine. If it really is indeed a dedicated server, something is just plain really wrong! I'm starting to think reload everything might be your best option but we'll see what's going on.
     
Loading...

Share This Page