The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Stop valid user from relaying email.

Discussion in 'Security' started by staylor, Mar 11, 2011.

  1. staylor

    staylor Member

    Joined:
    Aug 29, 2007
    Messages:
    19
    Likes Received:
    0
    Trophy Points:
    1
    I know everyone hates unnecessary post PLEASE believe I have searched for a solution with no success.

    I know WHM by default blocks open relays but I think a valid user is relaying and I can not stop them.
    WHM >> View Relayers
    I see Users "CPanel" and "User 1" are both relaying emails at an alarming rate causing my servers IP to be blacklisted.

    I suspended "User 1" account yet the relaying continues.

    I have no idea how to stop this I have tried almost everything I had found in the forums.
     
  2. cPanelTristan

    cPanelTristan Quality Assurance Analyst
    Staff Member

    Joined:
    Oct 2, 2010
    Messages:
    7,623
    Likes Received:
    21
    Trophy Points:
    38
    Location:
    somewhere over the rainbow
    cPanel Access Level:
    Root Administrator
    What emails is that user sending? If the account is suspended, do they have a cron that is still running? You could always chmod the account to 000 and chown to root:root:

    Code:
    chmod 000 /home/username/
    chown root:root /home/username/
    Please do not do this recursively, so just the top level as I've indicated. Here username would be the cPanel username for that account.
     
  3. staylor

    staylor Member

    Joined:
    Aug 29, 2007
    Messages:
    19
    Likes Received:
    0
    Trophy Points:
    1
    I have no idea what emails they are sending. The emails or being relayed from an AOL account through our server or atleast that is what it looks like when I click the username in the View Relayers.

    We have a policy that forbids spamming so I deleted the accounts. So changing the permissions is not necessary. Is ther anyway to prevent user accounts from being able to relay emails? One particular user relayed 80K emails in 24hrs.

    Could there be something about our server that makes us vulnerable?
     
  4. sirdopes

    sirdopes Well-Known Member
    PartnerNOC

    Joined:
    Sep 25, 2007
    Messages:
    141
    Likes Received:
    0
    Trophy Points:
    16
    Are you not wanting any users to be able to send out email or just forwarding? You can set the max emails per hour in the file /var/cpanel/maxemailsperhour to just 1 or 100 and will prevent users from sending out thousands of emails.
     
Loading...

Share This Page