cPanel & WHM Version 94 has been released, and brings a slew of great updates. Take a look at what is included, and then upgrade today!

Prevent users from being implicitly authenticating to Exim on the local host

Sloane Bernstein shared this idea 3 years ago
Open Discussion

Currently, if Exim receives an unauthenticated request to relay mail to a remote system, it will attempt to determine whether the connection is coming from a process on the server (see identify_local_connection() in /etc/exim.pl.local). If the connection did originate from the server itself, then the user (except perhaps the nobody user) will be considered authenticated by Exim.

As a system administrator, I want the ability to disable this behavior without breaking system services or mechanisms provided by cPanel. Together with existing features and other requested features, I should be able to force a user to explicitly authenticate via SMTP in order to increase the amount of effort an attacker must expend before a compromised site can be used to send spam.


[cPanel ticket #8816051]

Leave a Comment
 
Attach a file