The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Stop cpanelusername@hostname.tld from sending mail ?

Discussion in 'E-mail Discussions' started by nisamudeen97, Apr 4, 2015.

  1. nisamudeen97

    nisamudeen97 Active Member

    Joined:
    Jul 7, 2010
    Messages:
    38
    Likes Received:
    4
    Trophy Points:
    8
    Location:
    Cochin
    cPanel Access Level:
    Root Administrator
    My server is used for hosting CMS like wordpress and joomla, as most of the clients are using plugins and themes which are not being downloaded from authorized websites lots of spam mails are found being generated from self triggered spam bot scripts. I have managed to enable detailed exim log and I am able to find the exact script which has caused the issue each time. Meanwhile is it possible to stop these malicious scripts only from spamming

    What I want to do is stop mails which are being of the form "cpanelusername@hostname.tld" ? ie stop mailing from the scripts that are not using proper authentication to sent mails
    Is it possible with out disabling php mail () ?

    I am not supposed to use any kind of third party spam detection software’s. I have done all recommended things by cpanel to prevent email abuse

    url https://documentation.cpanel.net/display/CKB/How+to+Prevent+Email+Abuse

    I need some mechanism in exim to stop this. Is it possible ?
     
  2. 24x7server

    24x7server Well-Known Member

    Joined:
    Apr 17, 2013
    Messages:
    1,146
    Likes Received:
    34
    Trophy Points:
    48
    Location:
    India
    cPanel Access Level:
    Root Administrator
    Hello,

    You can disable your php mail function through with the disable function in php.ini file. Also please give a try with the following command. You will get the directory list which are sending the mails from your server.

    Code:
    awk '$3 ~ /^cwd/{print $3}' /var/log/exim_mainlog | sort | uniq -c | sed "s|^ *||g" | sort -nr
     
    madmanmachines likes this.
  3. nisamudeen97

    nisamudeen97 Active Member

    Joined:
    Jul 7, 2010
    Messages:
    38
    Likes Received:
    4
    Trophy Points:
    8
    Location:
    Cochin
    cPanel Access Level:
    Root Administrator
    Hi,

    Thanks for the update. I have already done your suggestions and I am aware about all these. I have already disabled mail function in the server meanwhile what i need is to stop mails which are being of the form "cpanelusername@hostname.tld" most probably the mails which are being sent via php scripts in a "suphp" server.
     
  4. 24x7server

    24x7server Well-Known Member

    Joined:
    Apr 17, 2013
    Messages:
    1,146
    Likes Received:
    34
    Trophy Points:
    48
    Location:
    India
    cPanel Access Level:
    Root Administrator
    Hello,

    It's default behavior of Exim mail server is to use the cPanel username and hostname of the server, If the From: field is not formatted correctly, empty or the email address does not exist in the cPanel, the From: address will be changed to cpanelusername@hostname.tld

    If you want to stop this, You will have to use SMTP authentication instead of php mail in your script to send mail from your server
     
  5. nisamudeen97

    nisamudeen97 Active Member

    Joined:
    Jul 7, 2010
    Messages:
    38
    Likes Received:
    4
    Trophy Points:
    8
    Location:
    Cochin
    cPanel Access Level:
    Root Administrator
    What I want to do is stop mails which are being of the form "cpanelusername@hostname.tld" ? ie stop mailing from the scripts that are not using proper authentication to sent mails.


    Is there any mechanism in exim ? While researching in this topic , I met with the below update.

    Go to the location WHM >> Service Configuration >> Exim Configuration Manager

    Under the section filer, you'll see the file used by exim for filtering. Open that file from the backend of your server and add the below piece of code in the end.


    if first_delivery
    and ( (“$h_from:” contains “emailtoblock@domainname.com”)
    )
    then fail
    endif


    Restart exim


    Is it possible to modify the above if con and prevent all users from sending mail via php script ?
     
  6. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,724
    Likes Received:
    660
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Hello,

    Are you sure that you have already disabled the mail function of PHP? Users should not be able to send out email through PHP if you have disabled that function.

    Thank you.
     
  7. nisamudeen97

    nisamudeen97 Active Member

    Joined:
    Jul 7, 2010
    Messages:
    38
    Likes Received:
    4
    Trophy Points:
    8
    Location:
    Cochin
    cPanel Access Level:
    Root Administrator
    Hi Michael,

    As I have stopped mail function no mails are being sent from the server meanwhile I would like to know if there is some other way to disable "cpanelusername@hostname.tld" from sending mails with out disabling php mail () in the server.
     
  8. nisamudeen97

    nisamudeen97 Active Member

    Joined:
    Jul 7, 2010
    Messages:
    38
    Likes Received:
    4
    Trophy Points:
    8
    Location:
    Cochin
    cPanel Access Level:
    Root Administrator
    Hi Michael,

    Thanks for the update, the below post contains answers for my questions.

    https://forums.cpanel.net/threads/h...nding-email-from-my-server.223731/#post920912

    I am unable to find answer for my main question. I am not supposed to disable mail sending for a single domain. I just wanted to disable mails being sent using php scripts which are of the form
    cpanelusername@hostname.tld. All other mails of the account sent using authentication via webmail, thunderbird must work fine. Is there any solution for this ?
     
    #9 nisamudeen97, Apr 19, 2015
    Last edited by a moderator: Apr 19, 2015
  9. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,724
    Likes Received:
    660
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    There's no other way I am aware of to stop PHP scripts from sending mails other than by disabling the mail function of PHP in the php.ini file.

    Thank you.
     
Loading...

Share This Page