Recent Posts
11
E-Mail / Re: postfix sending email every minute
« Last post by djfininho on May 29, 2023, 07:31:56 PM »Yes, cyberspace mentioned the most common vector for spam sending on servers -- an insecure php script that gets exploited/abused to send bulk UCE (unsolicited commercial e-mail). I'm sorry I neglected to mention the possibility in my response, because that's the most common vector these days. In fact, that's the only mail abuse I've seen on my servers is via a malicous php script implanted via a WordPress vulnerability. You may want to consider closing off the php mailer vector altogether and require ONLY authenticated SMTP on the server for mail sending. It depends on your situation, but really I would say generally that using the php mailer functionality is "lazy coding" and you should only use SMTP AUTH for accounting purposes -- it's clear who is sending what and everything is logged.
hello overseer
I disabled the sending of direct email through php, now for sending only smtp auth.
After these suggestions I was able to stop those submissions.
Thank you all for your help.
12
CentOS-WebPanel GUI / How to remove Master server from Slave DNS Server?
« Last post by Biswashost on May 29, 2023, 05:04:11 PM »Hi, I found once I configured my master server with Slave DNS server there have no way to disconnect it. Yeah, I know I can type wrong information in API/Secret/URL section but that's not a solutions. If anyone know where this data stored, kindly share it that why I can disconnect one of my server from my Slave DNS. Thanks.
13
CentOS 7 Problems / Taking 3 minutes to load the Mail Server Manger
« Last post by Dave-London on May 29, 2023, 03:23:17 PM »Hi,
I am new to CWP.
Is it a cpu-hungry piece of code?
I purchased a VPS from OVHCloud.
Just a 1 vCore with 2GB RAM and 40 GB SSD running Centos 7
It takes just over 3 minutes to go from the Dashboard page to the Email -> MailServer Manger page
Is that normal ?
Seems dreadfully slow.
I want to run a wordpress blog on it - will it cope ?
Thanks for any experienced input.
I am new to CWP.
Is it a cpu-hungry piece of code?
I purchased a VPS from OVHCloud.
Just a 1 vCore with 2GB RAM and 40 GB SSD running Centos 7
It takes just over 3 minutes to go from the Dashboard page to the Email -> MailServer Manger page
Is that normal ?
Seems dreadfully slow.
I want to run a wordpress blog on it - will it cope ?
Thanks for any experienced input.
14
Migration from other control panels / Re: cPanel to CWP Pro Migration -> DNS Zones owned by root (in cPanel)
« Last post by overseer on May 29, 2023, 02:21:48 PM »It's been several years since I've migrated my cPanel servers to CWP, but I don't recall there being any issues with DNS zones even back then -- and things should have improved in the intervening 2-3 years. I would think your workaround of changing from root-owned to account-owned should work. But how many zones are we talking about -- a handful? Dozens? Hundreds? Can you just manually recreate the zones on the receiving CWP server? Sometimes that type of workaround is the best course of action and the greatest time saver. Back 2-3 years ago I had to create a custom post-migration script to fix various permission errors I was encountering after migration, which I passed on to the CWP devs.
15
CentOS-WebPanel GUI / Re: CWP Pro proposing gdb-headless updates when not needed
« Last post by overseer on May 29, 2023, 02:14:44 PM »Good job! Exactly the right way to deal with that scenario.
(And of course, I meant CWP's YUM module is a frontend for yum -- not the whole of CWP being a yum frontend!)
(And of course, I meant CWP's YUM module is a frontend for yum -- not the whole of CWP being a yum frontend!)
16
CentOS-WebPanel Bugs / Re: When registering a new user, The username is limited to 8 characters.
« Last post by overseer on May 29, 2023, 02:12:48 PM »CWP imposes the 8 character limitation, just as cPanel used to (and cPanel is something of the spiritual father/reference platform for CWP). But the command line useradd utility can do up to 32 characters. I haven't tested to see if you do an end-run around CWP and it would respect the longer user name. But my suspicion is it would truncated it to 8 char because of the need for longer permutations for MySQL user + DB names: username_dbname. Perhaps this will be something they fix when they start offering EL9 support later this year or next year. AlmaLinux 9, here we come!
17
E-Mail / Re: postfix sending email every minute
« Last post by overseer on May 29, 2023, 02:07:15 PM »Yes, cyberspace mentioned the most common vector for spam sending on servers -- an insecure php script that gets exploited/abused to send bulk UCE (unsolicited commercial e-mail). I'm sorry I neglected to mention the possibility in my response, because that's the most common vector these days. In fact, that's the only mail abuse I've seen on my servers is via a malicous php script implanted via a WordPress vulnerability. You may want to consider closing off the php mailer vector altogether and require ONLY authenticated SMTP on the server for mail sending. It depends on your situation, but really I would say generally that using the php mailer functionality is "lazy coding" and you should only use SMTP AUTH for accounting purposes -- it's clear who is sending what and everything is logged.
18
E-Mail / Re: postfix sending email every minute
« Last post by djfininho on May 29, 2023, 01:12:05 PM »Check HTTP/HTTPS access logs of the websites associated with the user "agendada". I assume some website hosted in the account of the user "agendada" could contain some unprotected mail form or vulnerable mail script. It could be bombarded by spam bots. That is why you could get a lot of mail delivery failures. To solve the problem with the form, protect the form using Google reCaptcha or similar method. In case the bounces are caused by the vulnerable mail script then to avoid the spam submission the script must check the referrer, verify some hidden data from the form, etc.
hello cyberspace
I hadn't thought of that possibility, I'll check the logs
Thanks
19
E-Mail / Re: postfix sending email every minute
« Last post by djfininho on May 29, 2023, 01:10:07 PM »By your log, it looks to be agendada, UID 1010
Try running:Code: [Select]id 1010to find the associated account. Then go into your admin panel and rate limit the amount of mail messages the account can send in an hour, to contain collateral damage while you investigate.
I would seriously consider enacting some Postfix rate limiting restrictions as well in /etc/postfix/main.cf:Code: [Select]##//delivery rate controls/restrictions
# Parrallel delivery force (local=2 and dest=20 are aggressive)
local_destination_concurrency_limit = 6
default_destination_concurrency_limit = 30
# Max flow rate (1 sec delay per 50 emails/sec over the number of emails delivered/sec)
in_flow_delay = 1s
# Tarpit those bots/clients/spammers who send errors or scan for accounts
smtpd_error_sleep_time = 10s
smtpd_soft_error_limit = 5
smtpd_hard_error_limit = 10
# limit max sends per minute
anvil_rate_time_unit = 60s
smtpd_client_event_limit_exceptions = $mynetworks
smtpd_client_recipient_rate_limit = 30
smtpd_client_message_rate_limit = 30
Hello, overseer
In fact there is the scheduled user, there just aren't those email accounts agendada@server.xxxxxxx.xxx.xx
I'll make the settings you gave me.
Thanks
20
CentOS-WebPanel Bugs / When registering a new user, The username is limited to 8 characters.
« Last post by humansoft on May 29, 2023, 11:13:40 AM »CWP inconvenience
When registering a new user,
The username is limited to 8 characters.
Is there a way to register a longer username?
When registering a new user,
The username is limited to 8 characters.
Is there a way to register a longer username?
