Stop cpanelusername@hostname.tld from sending mail ?
My server is used for hosting CMS like wordpress and joomla, as most of the clients are using plugins and themes which are not being downloaded from authorized websites lots of spam mails are found being generated from self triggered spam bot scripts. I have managed to enable detailed exim log and I am able to find the exact script which has caused the issue each time. Meanwhile is it possible to stop these malicious scripts only from spamming
What I want to do is stop mails which are being of the form "cpanelusername@hostname.tld" ? ie stop mailing from the scripts that are not using proper authentication to sent mails
Is it possible with out disabling php mail () ?
I am not supposed to use any kind of third party spam detection software"s. I have done all recommended things by cpanel to prevent email abuse
url
-
Hello, You can disable your php mail function through with the disable function in php.ini file. Also please give a try with the following command. You will get the directory list which are sending the mails from your server. awk '$3 ~ /^cwd/{print $3}' /var/log/exim_mainlog | sort | uniq -c | sed "s|^ *||g" | sort -nr0 -
Hi, Thanks for the update. I have already done your suggestions and I am aware about all these. I have already disabled mail function in the server meanwhile what i need is to stop mails which are being of the form "cpanelusername@hostname.tld[/EMAIL]" most probably the mails which are being sent via php scripts in a "suphp" server. 0 -
Hello, It's default behavior of Exim mail server is to use the cPanel username and hostname of the server, If the From: field is not formatted correctly, empty or the email address does not exist in the cPanel, the From: address will be changed to cpanelusername@hostname.tld If you want to stop this, You will have to use SMTP authentication instead of php mail in your script to send mail from your server 0 -
What I want to do is stop mails which are being of the form "cpanelusername@hostname.tld[/EMAIL]" ? ie stop mailing from the scripts that are not using proper authentication to sent mails. Is there any mechanism in exim ? While researching in this topic, I met with the below update. Go to the location WHM >> Service Configuration >> Exim Configuration Manager Under the section filer, you'll see the file used by exim for filtering. Open that file from the backend of your server and add the below piece of code in the end. if first_delivery and ( ("$h_from:" contains "emailtoblock@domainname.com") ) then fail endif Restart exim Is it possible to modify the above if con and prevent all users from sending mail via php script ? 0 -
What I want to do is stop mails which are being of the form "cpanelusername@hostname.tld[/EMAIL]" ? ie stop mailing from the scripts that are not using proper authentication to sent mails.
Hello, Are you sure that you have already disabled the mail function of PHP? Users should not be able to send out email through PHP if you have disabled that function. Thank you.0 -
Hi Michael, As I have stopped mail function no mails are being sent from the server meanwhile I would like to know if there is some other way to disable "cpanelusername@hostname.tld[/EMAIL]" from sending mails with out disabling php mail () in the server. 0 -
There's no other way I am aware of to stop PHP scripts from sending mails other than by disabling the mail function of PHP in the php.ini file. Thank you. 0
Please sign in to leave a comment.
Comments
9 comments