By default cPanel is set to accept catchalls, that is mail to
non-existent users, and bounces them. This can result in much spam being
accepted by a cPanel server as spammers often brute force or randomly
address their spam. Further, the bounce is usually set to an innocent
address that was spoofed, creating what is an increasing problem known
as backscatter spam.
A few steps are required to completely fix this. First disable this default setting in cPanel WHM by going to Server Configuration > Tweak Settings > Mail > and set Default catch-all/default address to :blackhole:.
This will silently drop spam rather than bounce it, preventing more backscatter spam.
Next, disable all catchalls on the server:
Simply substitute these phrases in the replace command above, so:
Ensure users can write with:
A few steps are required to completely fix this. First disable this default setting in cPanel WHM by going to Server Configuration > Tweak Settings > Mail > and set Default catch-all/default address to :blackhole:.
This will silently drop spam rather than bounce it, preventing more backscatter spam.
Next, disable all catchalls on the server:
Check if there are any lingering aliases set to bounce with:mkdir -p /etc/valiasesbak cp -R /etc/valiases /etc/valiasesbak sed -i 's/^\*: [^ ]*$/*: :blackhole:/g' /etc/valiases/* replace ':fail: No Such User Here' ':blackhole:' -- /etc/valiases/*
grep '*:' /etc/valiases/* | egrep -v ':blackhole:'
There maybe a few other bounce fail phrases like “Invalid e-mail address. Check and re-send.”
Simply substitute these phrases in the replace command above, so:
replace ':fail: Invalid e-mail address. Check and re-send.' ':blackhole:' -- /etc/valiases/*
Ensure users can write with:
chmod 777 /etc/valiases/* chown nobody:nobody /etc/valiases/*
Lastly, prevent users from re-enabling the catchall. In WHM > Packages > Feature Manager, select Default under Edit a Feature List and then edit. Uncheck Default Address Manager and then save.
No comments:
Post a Comment