Ways to Prevent Email Abuse - PowerPoint PPT Presentation

About This Presentation
Title:

Ways to Prevent Email Abuse

Description:

Certain best practices need to be followed in order to ensure that email abuse on cPanel & WHM server can be avoided. – PowerPoint PPT presentation

Number of Views:88
Slides: 21
Provided by: htshosting
Category: Other

less

Transcript and Presenter's Notes

Title: Ways to Prevent Email Abuse


1
Ways to Prevent Email Abuse
2
Table of Contents
  • Introduction
  • Configuration of the Passwords Strength
  • Enable Greylisting
  • Enable cPHulk
  • SMTP Restrictions
  • Exim Configuration Manager
  • Tweak Settings
  • Max Hourly Emails Per Domain
  • Max Hourly Emails Per Domain (Continued)
  • Account-Specific Max Hourly Emails Per Domain
    Settings
  • Prevent nobody from Sending Mail
  • The Percentage of Email Messages (above the
    Account's Hourly Maximum) to Queue and Retry for
    Delivery
  • Maximum Percentage of Failed or Deferred Messages
    a Domain May Send Per Hour
  • Maximum Percentage of Failed or Deferred Messages
    a Domain May Send Per Hour (Continued)
  • Initial Default/Catch-All Forwarder Destination
  • PHP Configuration

3
Introduction
  • The aim of this PPT is to provide information on
    the best practices that need to be followed to
    ensure the prevention of email abuse on a cPanel
    WHM server. cPanel WHM is meant for
    automating tasks related to web hosting for Linux
    operating system.
  • The Best Website Hosting Company, the Best
    Cloud Hosting Company, the Best Reseller
    Hosting Company, etc., these are some of the
    terms that are used to refer to those hosting
    service providers that excel in providing hosting
    service. Hosting service is provided by web
    hosting companies and ensures that websites are
    always accessible and up and running without any
    issues.

4
Configuration of the Passwords Strength
  • Increasing the minimum password strength with
    regard to the mail accounts of the users, results
    in a decrease in the risk of a hacker guessing
    the passwords correctly. The Password Strength
    Configuration interface of WHM needs to be used
    for defining the minimum password strength for
    the mail accounts of the users. It is recommended
    that the default minimum password strength be set
    to at least 50.
  • WHM gtgt Home gtgt Security Center gtgt
    Password Strength Configuration

5
Enable Greylisting
  • Enabling the service of Greylisting helps protect
    a server against spam or unwanted email. When
    this service has been enabled, any email from a
    sender that is unrecognized by the server, is
    temporarily rejected by the mail server. In the
    event that the email is legit, there are attempts
    to resend it by the originating server, after a
    delay. Once enough time has passed, the email is
    accepted by the server.
  • In order to enable this feature, you need to
    navigate to the Greylisting interface of WHM and
    then click Off to toggle the status of the
    feature.
  • WHM gtgt Home gtgt Email gtgt Greylisting

6
Enable cPHulk
  • Protection against brute force attacks for a
    server is ensured by cPHulk. Enabling cPHulk
    helps to reduce the chances of brute force attack
    being used by a hacker for gaining access to the
    mail accounts of a server.
  • You need to navigate to the CPHulk Brute Force
    Protection interface of WHM, for enabling this
    feature. Then you need to click Off in order to
    toggle the status of the feature.
  • WHM gtgt Home gtgt Security Center gtgt CPHulk
    Brute Force Protection

7
1-800-123 -8156
  • Whoa! Thats a big number, arent you
    proud?

8
SMTP Restrictions
  • Spammers cannot interact directly with the remote
    mail servers when SMTP Restrictions feature is
    enabled. Moreover, they cannot work around the
    settings for mail security either. You need to
    navigate to the SMTP Restrictions interface in
    WHM and click Enable in order to enable this
    feature.
  • WHM gtgt Home gtgt Security Center gtgt SMTP
    Restrictions
  • The outgoing email connection attempts to the MTA
    (Mail Transfer Agent), the root user and to the
    mailman system user are restricted by this
    feature. Moreover, this feature makes sure that
    both scripts and users use the sendmail binary of
    Exim.

9
SMTP Restrictions
  • Numerous options with regard to spam and abuse
    prevention are provided by the Exim Configuration
    Manager interface of WHM.
  • WHM gtgt Home gtgt Service Configuration gtgt
    Exim Configuration Manager

10
Tweak Settings
  • Certain settings that are present in the Mail
    section of the Tweak Settings interface in WHM,
    aid in preventing email abuse. These settings are
    mentioned in the following slides.

11
Max Hourly Emails Per Domain
  • This setting serves the purpose of specifying the
    maximum number of emails which can be sent by
    each domain in every hour. Its default setting is
    Unlimited. The following points need to be
    mentioned in this context
  • Email send limits are enforced by the system only
    on remote email deliveries.
  • This setting will not appear if the Exim Mail
    Server service in the Service Manager interface
    of WHM is disabled. WHM gtgt Home gtgt Service
    Configuration gtgt Service Manager
  • This setting will not function if the Eximstats
    driver in the Service Manager interface of WHM is
    disabled. WHM gtgt Home gtgt Service Configuration gtgt
    Service Manager
  • This setting doesnt override the below-mentioned
    settings
  • Maximum Hourly Email by Domain Relayed
  • Maximum percentage of failed or deferred messages
    a domain may send per hour
  • It is recommended that such a value be specified
    that is not Unlimited in order to prevent email
    abuse.

12
Max Hourly Emails Per Domain (Continued)
  • If the option for Max Hourly Emails Per Domain is
    set to 500, then each of the hosted domains can
    send 500 email messages in every hour. You can
    use the setting, the percentage of email messages
    (above the accounts hourly maximum) to queue and
    retry for delivery, for specifying a soft limit.

13
Account-Specific Max Hourly Emails Per Domain
Settings
  • When you want to specify values for an individual
    package or an individual account, you need to use
    the Edit a Package interface of WHM or the Modify
    an Account interface of WHM.
  • WHM gtgt Home gtgt Packages gtgt Edit a Package
  • Or
  • WHM gtgt Home gtgt Account Functions gtgt Modify an
    Account
  • You need to carry out the below-mentioned steps
    for manually editing the cpuser file, in order to
    enable this setting from the command line.
  • Open the file, /var/cpanel/users/username from
    the command line. In it, the term username
    represents the desired account username.
  • Add the MAX_EMAIL_PER_HOUR key in this file and
    specify the selected usernames value.
  • Run the script, /usr/local/cpanel/scripts/updateus
    erdomains

14
Prevent nobody from Sending Mail
  • This setting makes sure that the nobody user is
    denied the ability to send mail to a remote
    address. The default setting is set to On. It is
    recommended that you select the On option to
    prevent email abuse. It is the PHP and CGI
    scripts, which usually run as the nobody user.
    You need to enable the suEXEC or mod_php modules
    in the Apache configuration in order to use a PHP
    or CGI script to send mail.

15
The Percentage of Email Messages (above the
Account's Hourly Maximum) to Queue and Retry for
Delivery
  • It is specified by this setting if the outgoing
    messages for later delivery should be queued,
    once a domain reaches its limit with regard to
    outgoing messages per hour. This settings
    minimum value is 100 and its maximum value is
    10,000.
  • The following key points need to be mentioned in
    this context
  • This option needs to be set to 100 in order to
    force the failure of all outgoing messages, once
    the domain reaches its limit.
  • This setting will not appear if the Exim Mail
    Server service in the Service Manager interface
    of WHM is disabled. WHM gtgt Home gtgt Service
    Configuration gtgt Service Manager
  • This setting will not function if the Eximstats
    driver in the Service Manager interface of WHM is
    disabled. WHM gtgt Home gtgt Service Configuration gtgt
    Service Manager

16
Maximum Percentage of Failed or Deferred Messages
a Domain May Send Per Hour
  • Through this setting the maximum percentage of
    failed or deferred messages, which might be sent
    by your domain in every hour, can be specified.
    The default for this setting is set to Unlimited.
    Outgoing mails from a domain are temporarily
    blocked by your server, when both of the
    below-mentioned conditions are true.
  • The number of failed or deferred messages sent by
    the domain equals that specified in the setting,
    Number of failed or deferred messages a domain
    may send before protections can be triggered.
  • In the total number of sent messages, the
    percentage of failed or deferred messages is
    equal to or greater than the percentage that has
    been specified.
  • All outgoing and local mail, for the previous
    hour, are examined by the system for determining
    if these conditions are met. When only one of the
    above-mentioned conditions is true, outgoing mail
    isnt blocked by the system.

17
Maximum Percentage of Failed or Deferred Messages
a Domain May Send Per Hour (Continued)
  • Maximum Percentage of Failed or Deferred Messages
    a Domain May Send Per Hour (Continued)

18
Initial Default/Catch-All Forwarder Destination
  • The initial forwarding destination with regard to
    the default/catch-all email addresses for new
    accounts is specified by this setting. Emails
    received by the non-existent users on a servers
    domain are handled by the default address. It is
    recommended that this setting be changed from
    System account (default) to Fail, if a lot of
    spam is being received on the default accounts.
    The default setting for newly-created accounts is
    changed by this setting. The following steps need
    to be carried out for changing this setting for
    an existing account
  • Log in to the specific cPanel account or navigate
    to the cPanel interface of the account through
    the List Accounts interface of WHM. WHM gtgt Home
    gtgt Account Information gtgt List Accounts
  • Navigate to the Default Address interface of
    cPanel. cPanel gtgt Home gtgt Email gtgt Default
    Address
  • Select from the menu, Send all unrouted email for
    the following domain, that domain for which you
    need to set a default address.
  • Select the option, Discard the email while your
    server processes it by SMTP time with an error
    message. This option sends an error message to
    the sender.
  • Enter an error message in the text box, Failure
    Message (seen by sender)
  • Click Change.

19
PHP Configuration
  • Server security can be improved by configuring
    PHP and suEXEC, ModRuid2, or suPHP. Through this
    configuration you can have information regarding
    which users run which processes system-wide. It
    needs to be mentioned here that suEXEC should not
    be enabled with ModRuid2, as suEXEC isnt
    compatible with it.
  • CGI applications are forced by ModRuid2 and suPHP
    to run as the cPanel account user. Moreover, some
    of the POSIX.1e capabilities are exploited by
    ModRuid2 in order to ensure performance
    enhancements over the default suEXEC
    configuration of Apache. CGI and PHP applications
    are forced by the suEXEC Apache module to run as
    the cPanel account user.

20
Thanks!
  • ANY QUESTIONS?
  • www.htshosting.org
Write a Comment
User Comments (0)
About PowerShow.com