Our features site is undergoing a refresh! Be sure to explore the revamped site and discover our latest product roadmap launching here on Monday, March 18th.
New Topic
cPanel & WHM Feature RequestsTopicEmail
This object is in archive! 
Properties
Category Email
Tags exim, password change, restart, spam

Email Password Change - Exim Restart

Dan Miller shared this idea 10 years ago
Open Discussion

In the recent days of email accounts becoming compromised to send out spam, even with safeguards in place, it still happens!


If a customer changes their email account password via cPanel and spam is being sent, attackers are using RSET to continue sending mail from the already authenticated session.

We have got around this by closing the session via exim (easiest way is to restart Exim, but could also look in to closing this cleanly for the affected user).


I am requesting a restart of Exim or a clean close of any connections associated with the email account where a password is being changed to prevent spam from still being sent from the pre-authenticated connection.

4 I like this idea 0  
Leave a Comment
 
Attach a file

cPanel, WebHost Manager and WHM are registered trademarks of cPanel, L.L.C. for providing its computer software that facilitates the management and configuration of Internet web servers.