Skip to main content

Require localhost SMTP auth

Comments

2 comments

  • dorkstanner
    Tried to edit with more info but got denied for spam. We are running CSF if that helps any. We're on WHM v76.0.0
    0
  • cPanelMichael
    Hello, Anyone that can authenticate as a local cPanel user can use the 127.0.0.1 IP address to send mail without additional authentication (since the user already authenticated into cPanel). This can make it difficult for system administrators to determine which cPanel account sent the mail, especially when a malicious user spoofs an email address to disguise the origin of the email. To require cPanel & WHM to put the actual sender in the header, enable the Experimental: Rewrite From: header to match actual sender option in WHM's How to Prevent Email Abuse - cPanel Knowledge Base - cPanel Documentation Once this option is enabled, you can more easily identify any senders using the server to send out SPAM, and then suspend those accounts or change the passwords to prevent further delivery of such messages. Thank you.
    0

Please sign in to leave a comment.