cPanel & WHM Version 98 has been released, and brings a slew of great updates. Take a look at what is included, and then upgrade today!
This object is in archive! 

Email Password Change - Exim Restart

Dan Miller shared this idea 7 years ago
Open Discussion

In the recent days of email accounts becoming compromised to send out spam, even with safeguards in place, it still happens!


If a customer changes their email account password via cPanel and spam is being sent, attackers are using RSET to continue sending mail from the already authenticated session.

We have got around this by closing the session via exim (easiest way is to restart Exim, but could also look in to closing this cleanly for the affected user).


I am requesting a restart of Exim or a clean close of any connections associated with the email account where a password is being changed to prevent spam from still being sent from the pre-authenticated connection.

Leave a Comment
 
Attach a file