AH-Tina
08-25-2004, 10:30 AM
This has probably been documented before, but we just recently started using the CPanel demo feature for our potential customers. It was brought to my attention that the CPanel demo allows email to be sent as username/password demo and there apparently isn't a way to shut that off in the demo.
Our fix:
In whm, go to 'exim configuration editor'
click to 'switch to advanced mode'
find the acl section (it will have 'begin acl' right before it)
in the second textarea below that, there will be the existing acl entry, ours
looks like below. Yours might be different, but it should still have
'check_recipient:', possibly some comments, and the 'accept hosts = :' line
-start------------------------------------
check_recipient:
# Exim 3 had no checking on -bs messages, so for compatibility
# we accept if the source is local SMTP (i.e. not over TCP/IP).
# We do this by testing for an empty sending host field.
accept hosts = :
-end-------------------------------------
Right below the check line, add two lines, so that it now looks like (if your
demo login username is something other than 'demo', adjust that as appropriate
- you can customize the error message if you like too. Remember that people
testing the demo legitimately might see this too, so I'd avoid a hostile
message that assumes its going to a spammer)
-start--------------------------------------
check_recipient:
deny message = This feature cannot be used in demo mode
condition = ${if eq {$authenticated_id}{demo}{yes}{no}}
# Exim 3 had no checking on -bs messages, so for compatibility
# we accept if the source is local SMTP (i.e. not over TCP/IP).
# We do this by testing for an empty sending host field.
accept hosts = :
-end-----------------------------------------
Then scroll *waaaay* down to the bottom, and click 'save', confirm exim
restarts without any errors, and you should be set. This will block *all* smtp
relaying thru the account.
Our fix:
In whm, go to 'exim configuration editor'
click to 'switch to advanced mode'
find the acl section (it will have 'begin acl' right before it)
in the second textarea below that, there will be the existing acl entry, ours
looks like below. Yours might be different, but it should still have
'check_recipient:', possibly some comments, and the 'accept hosts = :' line
-start------------------------------------
check_recipient:
# Exim 3 had no checking on -bs messages, so for compatibility
# we accept if the source is local SMTP (i.e. not over TCP/IP).
# We do this by testing for an empty sending host field.
accept hosts = :
-end-------------------------------------
Right below the check line, add two lines, so that it now looks like (if your
demo login username is something other than 'demo', adjust that as appropriate
- you can customize the error message if you like too. Remember that people
testing the demo legitimately might see this too, so I'd avoid a hostile
message that assumes its going to a spammer)
-start--------------------------------------
check_recipient:
deny message = This feature cannot be used in demo mode
condition = ${if eq {$authenticated_id}{demo}{yes}{no}}
# Exim 3 had no checking on -bs messages, so for compatibility
# we accept if the source is local SMTP (i.e. not over TCP/IP).
# We do this by testing for an empty sending host field.
accept hosts = :
-end-----------------------------------------
Then scroll *waaaay* down to the bottom, and click 'save', confirm exim
restarts without any errors, and you should be set. This will block *all* smtp
relaying thru the account.