AndyB78

Well-Known Member
Oct 7, 2003
80
2
158
Romania
cPanel Access Level
Root Administrator
Hello,

First, allow me to apologize for all the noob questions/assumptions below. I am 100% new to hookable events.

The problem I am trying to solve
Naturally, when a customer is sending spam (voluntarily or as in most cases, involuntarily) we suspend the email account affected. The problem is that there are reckless/ill-advised/thick-skinned/confused customers that simply reactivate the email account without solving the underlying problem. Naturally the spam resumes.

What I am trying to do
I am trying to find a way to prevent the above problem by denying the unsuspension of email accounts suspended (programmatically or not) for spam right upon the unsuspension attempt, so a custom error is returned to the customer attempting this (or at least even a generic error).

Questions:
1. Generally speaking are hookable events, the way to accomplish this or I understood completely wrong what hookable events are?
2. Is there an appropriate hookable event for this?

Additional question:
3. Is there a better or at least easier way to solve this?

Thanks!
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,884
2,250
463

AndyB78

Well-Known Member
Oct 7, 2003
80
2
158
Romania
cPanel Access Level
Root Administrator
Hi,

Thank you for your feedback. I was aware of this function but I am not trying to suspend the email sending capabilities of the entire cPanel account. I want to obtain the best outcome with minimum impact on the user's activity so I just want to be able to suspend an email account in such a way that it stays suspended.

Is there a way to intercept an attempt from the user to reactivate a suspended email address?

Thanks!
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,884
2,250
463
Hello,

You may want to vote and add feedback to the following feature request, as it's for the functionality you are seeking:

Suspend Outgoing mail for single mail account

As far as using hooks to prevent a cPanel user from unsuspending the login for an email account, you could develop a custom bash script that immediately suspends the login again using the following UAPI function:

UAPI Functions - Email::suspend_login - Software Development Kit - cPanel Documentation

For the purposes of hooks, the corresponding UAPI function when using the "Unsuspend Login" option for email accounts in cPanel is:

UAPI::Email::unsuspend_login

Thus, you'd run your custom bash script as a hook for the unsuspend_login UAPI function using the instructions at:

Guide to Standardized Hooks - Cpanel Functions - Software Development Kit - cPanel Documentation

This would ensure your custom bash script runs automatically anytime someone unsuspends an email account login.

Thank you.
 

AndyB78

Well-Known Member
Oct 7, 2003
80
2
158
Romania
cPanel Access Level
Root Administrator
Hello,

I've tried this (as a script) but unfortunately it doesn't work in my case. In my case it triggers (successfully) a shell script that is normally working OK. I believe the hooked script doesn't work because it runs under the ownership of the cPanel account from where the hook has triggered and the script needs to access root owned files, scripts from /scripts and UAPI api calls. Do you see any solution to this problem?

Thanks,
Kind regards!
 

AndyB78

Well-Known Member
Oct 7, 2003
80
2
158
Romania
cPanel Access Level
Root Administrator
Adding the hook with "--escalateprivs 1" solves the problem right there. But how safe is this? The hook action script doesn't take any user input (it takes data from a file NOT inside /home).

I took a look on a couple of servers and I have found only 2 more instances (both for the same 3rdparty app) that had privilege escalation. Right now I am only using this internally which leads to some security by obscurity (which I know it's not real security) but in time it might be offered as an addon or something and I'd like to know how much of a risk is this privilege escalation.