Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Stop sendmail spam

Discussion in 'E-mail Discussions' started by Mauritz, Sep 2, 2017.

Tags:
  1. Mauritz

    Mauritz Well-Known Member

    Joined:
    Apr 29, 2015
    Messages:
    55
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Johannesburg
    cPanel Access Level:
    Root Administrator
    One of our customers WordPress site got hacked and a script was uploaded which fired off close to a 1000 spam mails within a hour. Was lucky to catch it fast enough but unfortunately a lot left the server. The mail was sent through our ip@hostname

    As this probably will affect a large number of our customers who mostly rely on mail, I would like to stop all mail sending from our server which is not SMTP authenticated. Note I have already turned on SMTP restrictions? Can I set php system wide to not allow to send mail without smtp authentication?
     
  2. tui

    tui Well-Known Member

    Joined:
    Jun 15, 2007
    Messages:
    65
    Likes Received:
    4
    Trophy Points:
    58
    Location:
    Mexico
    cPanel Access Level:
    Root Administrator
    Hello,

    As far i know (Somebody correct me if i am wrong), there is no way to do what you want to do, spammers scripts run in php and they use the php mail() function so you should modify php mail() function or php itself to force smtp on that function. Other thing you can do is to disable php mail() function, but i do not recommend that, a lot of scripts and cms's use the php mail() function and a lot of users does not know coding and they scripts or cms will stop working, so you will go to affect your clients if you disable or force a smtp autentication over php.

    What i use for that kind of problems (Wordpress, other cms or poor scripts) are the options "Maximun Hourly Email by Domain Relayed" and "Maximun percentage of failed or deferred messages a domain may send per hour" in packages.

    This two options are enough for me and my servers, you can adjust them on your packages, in my case, in small packages less email per hour and less maximun % of failed.

    The spammers always send email to random bot-created accounts so a lot of sent mail goes to accounts that does not exist, so those two options block the account/domain to send mail, obviosly, the malicious script will continue sending mail but the outgoing mail is blocked by those two values at server level. So the spam mails sent are very minimal :)
     
  3. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    38,165
    Likes Received:
    1,371
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello,

    Additional discussion of this topic is available on the following thread:

    How to stop sendmail?

    Thank you.
     
Loading...

Share This Page