The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Spam Problems CPanel not secure...

Discussion in 'General Discussion' started by wimp, May 3, 2004.

  1. wimp

    wimp Well-Known Member

    Joined:
    Jul 13, 2002
    Messages:
    301
    Likes Received:
    0
    Trophy Points:
    16
    hi all,
    i have several problems with spames. I finde about 10.000 mails in queue every 24hours. I also note that it is possible to send out mails via SMTP without authentication. I have however, turned ON the SMTP tweak in WHM.
    So is there any defenitly way to disable the SMTP server on a cPanel server so that nobody but really no one can use mail.domain.com to send e-mails??


    thanks a lot
     
  2. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    cPanel does authenticate SMTP connections using one of two ways:

    1. POP before SMTP (which is probably why you can connect seemingly without authentication, though you have authenticated by POPing your email account).

    2. SMTP AUTH

    If you're getting thousands of emails sent by nobody then you have a bug in a PHP script that you (or your customers) are running which is allowing spammers to use your server for bulk emailing.

    You need to get on top of this quickly before your NOC switches off your server:

    1. In WHM, enable the Tweak Settings that prevents the user nobody from sending emails

    2. Enable phpsuexec by running the Apache rebuild from within WHM

    3. Scour your logfiles for the offending PHP script

    4. Read this thread about the implications of enabling phpsuexec:
    http://forums.servermatrix.com/viewtopic.html?p=45532
     
  3. wimp

    wimp Well-Known Member

    Joined:
    Jul 13, 2002
    Messages:
    301
    Likes Received:
    0
    Trophy Points:
    16
    the problem is that anyone can go trought telnet to connect to an account on non and sending e-mails:

    ----
    telnet domain.com 25
    helo tester.com
    mail -> From - > the e-mail addess here eg.max@domain.com
    rcpt - > to: "max@domain.com"
    data
    text off message
    .
    quit
    -----

    be happy!!!
     
    #3 wimp, May 3, 2004
    Last edited: May 3, 2004
  4. BeerUser

    BeerUser Active Member

    Joined:
    Apr 16, 2004
    Messages:
    36
    Likes Received:
    0
    Trophy Points:
    6
    Im using version 4.3.6 of php and it doesnt work. I turned that setting on and the mail never sends out from my vbulletin till i turn it back off again. Running php as chi with phpsuexec.
     
Loading...

Share This Page