cPanel configuration appears to allow unauthenticated SMTP - how to fix?
Posted
by ttsiodras
on Server Fault
See other posts from Server Fault
or by ttsiodras
Published on 2010-03-01T16:06:57Z
Indexed on
2010/05/15
20:06 UTC
Read the original article
Hit count: 212
One of my clients is using a cPanel-based Virtual Dedicated Server that appears to allow unauthenticated SMTP:
bash$ echo EHLO | nc mail.clientscompany.com 25
...
250-SIZE 52428800
250-PIPELINING
250-AUTH PLAIN LOGIN
250-STARTTLS
250 HELP
It therefore appears that anyone (esp. spammers) can use his mail server to send whatever - I just connected from my DSL connection at home, and...
bash$ nc mail.clientscompany.com 25
HELO clientscompany.com
MAIL FROM: [email protected]
RCPT TO: [email protected]
DATA
From: <[email protected]>
To: <[email protected]>
Date: ...
Subject: ...
Blah
.
QUIT
I just tested this, and sure enough, it sent a mail from "[email protected]".
Since I am not familiar with cPanel and WHM, can someone provide pointers to configure his mail server to (a) only accept TLS connections and (b) only authenticated ones (i.e. with user/password, not just plain connections).
Thanks for any help.
© Server Fault or respective owner