Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

YARPQ - Yet Another Return Path Question

Discussion in 'General Discussion' started by sneader, Sep 4, 2004.

  1. sneader

    sneader Well-Known Member

    Joined:
    Aug 21, 2003
    Messages:
    1,156
    Likes Received:
    40
    Trophy Points:
    178
    Location:
    La Crosse, WI
    cPanel Access Level:
    Root Administrator
    My customer's default mailbox is filling up with bounces from e-mailed order confirmations generated from a perl-based shopping cart, if the recipient's mail was entered incorrectly. The problem is that my customer doesn't want to use his default mailbox, and it is set to :fail:. The script has the FROM set to the customer's real mailbox. Here is an example:

    Return-path: <loginid@www3.myserver.com>
    Received: from loginid by www3.myserver.com with local (Exim 4.34)
    id 1Bvhbp-0000p0-Jx
    for wa2orx@borg.com; Fri, 13 Aug 2004 14:21:01 -0500
    To: thebord@borg.com
    From: sales@domain.com
    Subject: Your Order # 5850
    Message-Id: <E1Bvhbp-0000p0-Jx@www3.myserver.com>
    Date: Fri, 13 Aug 2004 14:21:01 -0500

    loginid is the customer's login id (and therefore, their default address)

    loginid@www3.myserver.com is what is being set for the Return Path -- where is that coming from?

    sales@domain.com is the customer's real working address, and I want any bounces to go to THAT address

    Is there a way to modify my perl-based shopping cart to create a header called Return-path when it sends out mail? Or other suggestions?

    To complicate matters further, spammers have gotten ahold of the address "loginid@www3.myhost.com" so I don't want ALL mail for "loginid@www3.myhost.com" to get forwarded to the customer. I would like any mail going to that address to be bounced or "failed" if possible. And I want the bounces from the form mail to go to a real address, like "sales@domain.com"

    Help?

    - Scott
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  2. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,460
    Likes Received:
    21
    Trophy Points:
    463
    Location:
    Go on, have a guess
    If their script is using sendmail has the mail delivery agent, then they need to fix the script by having it use the -f switch to specify their from address which will set the return-path, e.g.:

    sendmail -t -f user@domain.com
    That's coming from the standard way a return-path is generated by an MTA, i.e. username@hostname.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. sneader

    sneader Well-Known Member

    Joined:
    Aug 21, 2003
    Messages:
    1,156
    Likes Received:
    40
    Trophy Points:
    178
    Location:
    La Crosse, WI
    cPanel Access Level:
    Root Administrator
    Thanks for the quick and useful reply, Jonathan! Here is what I found in the script:

    # WHERE IS THE LOCATION OF YOUR SENDMAIL ?
    # ======================================
    # You MUST edit this to match where it is on your server
    # Ask your server admin where sendmail is if you don't know
    # IMPORTANT: You must include any switches and settings
    # IMPORTANT: exactly as they should be in your mail program line
    # EXAMPLE: A typical sendmail location is:
    # EXAMPLE: /usr/sbin/sendmail -t
    # EXAMPLE: /usr/lib/sendmail -t
    # EXAMPLE: Use the "-t" switch - it is a needed security switch
    # EXAMPLE: qmail without -t switch
    # EXAMPLE: /var/qmail/bin/qmail-inject

    $mail_program = '/usr/lib/sendmail -t';

    I'll see if I can change it to be something like:

    $mail_program = '/usr/lib/sendmail -t -f sales@mydomain.com';

    I bet it won't be that easy though! :)

    Hmmm... it also says I can use SMTP... wonder if I'd get any better results if I pointed it to my local SMTP server...

    - Scott
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #3 sneader, Sep 4, 2004
    Last edited: Sep 4, 2004
  4. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,460
    Likes Received:
    21
    Trophy Points:
    463
    Location:
    Go on, have a guess
    That should be all you need to do ;)
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  5. sneader

    sneader Well-Known Member

    Joined:
    Aug 21, 2003
    Messages:
    1,156
    Likes Received:
    40
    Trophy Points:
    178
    Location:
    La Crosse, WI
    cPanel Access Level:
    Root Administrator
    Damn, Jonathan, you are the man!

    I changed the shopping cart perl script to:

    $mail_program = '/usr/lib/sendmail -t -f sales@mydomain.com';

    And it changed the Return-path to sales@mydomain.com and it is working exactly like I wanted it to.

    Thanks!!!!!!!!!!

    - Scott
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  6. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,460
    Likes Received:
    21
    Trophy Points:
    463
    Location:
    Go on, have a guess
    My pleasure ;)
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  7. d-woo

    d-woo Well-Known Member

    Joined:
    Aug 9, 2003
    Messages:
    88
    Likes Received:
    0
    Trophy Points:
    156
    Thanks for that info Jonathan.


    2 questions:

    1. How are spammers picking up the usernames in order to send email to username@hostname?

    2. How can we block email to the email address username@hostname?
     
  8. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,460
    Likes Received:
    21
    Trophy Points:
    463
    Location:
    Go on, have a guess
    1. Most likely using dictionary attacks.

    2. Add the hostname.domain.com to /etc/localdomains if it isn't already in it and create an /etc/valiases/hostname.domain.com and add at the bottom:

    *: :fail:

    And then add this wonderful exim dictionary attack ACL:
    http://www.webumake.com/free/exim_deny.pl

    You may want to add the following above the last line:

    root@hostname.domain.com: root

    I've only briefly tested this, so no guarantees ;)
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice