Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

X-Get-Message-Sender-Via header in email

Discussion in 'E-mail Discussion' started by toplisek, Dec 8, 2017.

  1. toplisek

    toplisek Well-Known Member

    Joined:
    Jan 7, 2010
    Messages:
    124
    Likes Received:
    6
    Trophy Points:
    68
    The mail I receive has X-Get-Message-Sender-Via header when I check Google mail.

    As I understand it will be added by the mailserver. Can be this prevented within WHM as it is seen username and also hosting server ID.
     
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    43,711
    Likes Received:
    1,794
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello,

    Can you verify what method you used to send the email? Also, in "WHM >> Exim Configuration Manager", under the "Mail" tab, let us know if any of the following options are enabled:

    EXPERIMENTAL: Rewrite From: header to match actual sender
    Set SMTP Sender: headers
    Query Apache server status to determine the sender of email sent from processes running as nobody
    Trust X-PHP-Script headers to determine the sender of email sent from processes running as nobody

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. toplisek

    toplisek Well-Known Member

    Joined:
    Jan 7, 2010
    Messages:
    124
    Likes Received:
    6
    Trophy Points:
    68
    Exim Configuration Manager: DISABLE > Default
    Set SMTP Sender OFF > Default
    Query Apache server status to determine the sender of email sent from processes running as nobody ON > Default
    Trust X-PHP-Script headers to determine the sender of email sent from processes running as nobody ON > Default



     
  4. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    43,711
    Likes Received:
    1,794
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello,

    Can you verify what method you used to send the email?

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  5. toplisek

    toplisek Well-Known Member

    Joined:
    Jan 7, 2010
    Messages:
    124
    Likes Received:
    6
    Trophy Points:
    68
    I'm using PHP mail function as usual.
     
  6. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    43,711
    Likes Received:
    1,794
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello,

    Have you tried disabling those options to see if the issue persists?

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  7. toplisek

    toplisek Well-Known Member

    Joined:
    Jan 7, 2010
    Messages:
    124
    Likes Received:
    6
    Trophy Points:
    68
    Yest it is the same. It is showing username and hosting details.
     
  8. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    43,711
    Likes Received:
    1,794
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    That part is actually normal. The only way to avoid that is to use SMTP authentication in your PHP script instead of using the PHP mail function.

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  9. toplisek

    toplisek Well-Known Member

    Joined:
    Jan 7, 2010
    Messages:
    124
    Likes Received:
    6
    Trophy Points:
    68
    I see it is PHP programming issue.
    So, due to security, we keep DEFAULT values:
    Exim Configuration Manager: DISABLE > Default
    Set SMTP Sender OFF > Default
    Query Apache server status to determine the sender of email sent from processes running as nobody ON > Default
    Trust X-PHP-Script headers to determine the sender of email sent from processes running as nobody ON > Default

    Is this ok?
     
  10. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    43,711
    Likes Received:
    1,794
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello,

    Yes, it's fine to use the default values for those options unless you have a specific need not to.

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  11. toplisek

    toplisek Well-Known Member

    Joined:
    Jan 7, 2010
    Messages:
    124
    Likes Received:
    6
    Trophy Points:
    68
    Thank you for this information.
     
  12. toplisek

    toplisek Well-Known Member

    Joined:
    Jan 7, 2010
    Messages:
    124
    Likes Received:
    6
    Trophy Points:
    68
    Every mail that gets sent connects to a server using the IP address, hostname, and email account. As I understand we disable it by making customizations directly to the Exim configuration. Are there steps to follow and set Exim configuration and hide just username as it is seen CP username?
     
  13. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    43,711
    Likes Received:
    1,794
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello,

    Please post the specific part of the message header that you are attempting to hide. Also, is there a specific reason you prefer to hide this information?

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  14. toplisek

    toplisek Well-Known Member

    Joined:
    Jan 7, 2010
    Messages:
    124
    Likes Received:
    6
    Trophy Points:
    68
    There is a part where is quoted exact username for each Control panel account and sensitive information:

    X-Envelope-From: <XXX@YYYhosting.com>

    I like to hide XXX which is username and connected to the CP login and YYYhosting as sensitive information. XXX is actually crucial information.
     
  15. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    43,711
    Likes Received:
    1,794
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice