{"id":7365,"date":"2019-04-11T16:00:58","date_gmt":"2019-04-11T16:00:58","guid":{"rendered":"https:\/\/www.siliconhouse.net\/support\/?page_id=7365"},"modified":"2019-04-11T16:01:27","modified_gmt":"2019-04-11T16:01:27","slug":"how-mitigate-smtp-auth","status":"publish","type":"page","link":"https:\/\/www.siliconhouse.net\/support\/how-mitigate-smtp-auth\/","title":{"rendered":"How to mitigate SMTP AUTH in cPanel server ?"},"content":{"rendered":"\n<p>To allow remote users to authenticate to the outbound mailserver, SMTP-AUTH can be used. Unfortunately, a spammer can perform a brute force attack to guess the username and password to an account on the mailserver using SMTPAUTH.<\/p>\n\n\n<p><aside id=\"text-16\" class=\"widget widget_text amr_widget\">\t\t\t<div class=\"textwidget\"><div class=\"reseller_web_hosting_support_advts\">\r\n\r\n<div class=\"reseller_web_hosting_support_advts_left\">\r\n<a href=\"https:\/\/www.siliconhouse.net\/linux-reseller-web-hosting-india\" target=\"_blank\"><img decoding=\"async\" border=\"0\" src=\"https:\/\/www.siliconhouse.net\/wp-content\/uploads\/2018\/06\/336X280-saffron-unlimited-499-kickstart.gif\" width=\"336\" height=\"280\" alt=\"Reseller Hosting Special Offer\"><\/a>\r\n<\/div>\r\n\r\n<div class=\"reseller_web_hosting_support_advts_right\">\r\n<a href=\"https:\/\/www.siliconhouse.net\/linux-cloud-server-hosting-india\" target=\"_blank\"><img decoding=\"async\" border=\"0\" src=\"https:\/\/www.siliconhouse.net\/wp-content\/uploads\/2018\/06\/336X280-purple-enterprise-cloud-stak-19.jpg\" width=\"336\" height=\"280\" alt=\"Enterprise Cloud Stack\"><\/a>\r\n<\/div>\r\n\r\n<\/div><\/div>\n\t\t<\/aside> <aside id=\"text-20\" class=\"extendedwopts-md-center widget widget_text amr_widget\">\t\t\t<div class=\"textwidget\"><div class=\"reseller_web_hosting_support_advts\">\r\n<div class=\"reseller_web_hosting_support_advts_left\">\r\n<img decoding=\"async\" border=\"0\" src=\"http:\/\/www.siliconhouse.net\/support\/wp-content\/uploads\/2016\/12\/reseller-hosting-249-offer.gif\" width=\"320\" height=\"100\" alt=\"Reseller Hosting Special Offer\">\r\n<\/div>\r\n\r\n<div class=\"reseller_web_hosting_support_advts_right\">\r\n<img decoding=\"async\" border=\"0\" src=\"http:\/\/www.siliconhouse.net\/support\/wp-content\/uploads\/2016\/12\/reseller-hosting-249-offer.gif\" width=\"320\" height=\"100\" alt=\"Reseller Hosting Special Offer\">\r\n<\/div>\r\n\r\n<\/div><\/div>\n\t\t<\/aside><\/p>\n\n\n\n<p><strong>You can mitigate SMTP AUTH using the below procedure :<\/strong><\/p>\n\n\n\n<p>1.Go to WHM &gt;&gt; choose Exim Configuration Manager from Advance Editors<\/p>\n\n\n\n<p>2.Find \u201cAdd additional configuration setting\u201d<\/p>\n\n\n\n<p>3.Add New Value from the drop down menu \u201cauth_advertise_hosts\u201d<\/p>\n\n\n\n<p>4.Fill in the value to =<br>\n${if match_ip{$sender_host_address}{iplsearch;\/etc\/exim.smtpauth}{*}{}}<\/p>\n\n\n\n<p>5.Scroll down and save<\/p>\n\n\n\n<p>6.Then edit \/etc\/csf\/csf.conf and enable SMTPAUTH_RESTRICT to 1<\/p>\n\n\n\n<p>7.Then add your country to CC_ALLOW_SMTPAUTH. After adding the entry restart the firewall.<br>\nThen restart your csf with option -r<\/p>\n\n\n\n<p>8.If you like to allow custom IP range for auth for example to allow login from google. Do add the IP in this file \/etc\/csf\/csf.smtpauth.<\/p>\n\n\n\n<h1 class=\"wp-block-heading\">CSF, configserver firewall has an option:<\/h1>\n\n\n\n<p>The additional option CC_ALLOW_SMTPAUTH can be used with this option to additionally restrict access to specific countries<\/p>\n\n\n\n<p>This is to help limit attempts at distributed attacks against SMTP AUTH which are difficult to achive since port 25 needs to be open to relay email<\/p>\n\n\n\n<p>The reason why this works is that if EXIM does not advertise SMTP AUTH on a connection, then SMTP AUTH will not accept logins, defeating the attacks without restricting mail relaying<\/p>\n\n\n\n<p>Note: csf and lfd must be restarted if \/etc\/csf\/csf.smtpauth is modified so that the lookup file in \/etc\/exim.smtpauth is regenerated from the information from \/etc\/csf\/csf.smtpauth plus any countries listed in CC_ALLOW_SMTPAUTH<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>To enable this option, set to 1 and make the exim configuration changes<\/li><li>To disable this option, set to 0 and undo the exim configuration changes<\/li><li>SMTPAUTH_RESTRICT = 1<\/li><\/ul>\n","protected":false},"excerpt":{"rendered":"<p>To allow remote users to authenticate to the outbound mailserver, SMTP-AUTH can be used. Unfortunately, a spammer can perform a<\/p>\n","protected":false},"author":1,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"footnotes":""},"class_list":["post-7365","page","type-page","status-publish","hentry"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.2 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>How to mitigate SMTP AUTH in cPanel server<\/title>\n<meta name=\"description\" content=\"To allow remote users to authenticate to the outbound mailserver, SMTP-AUTH can be used.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.siliconhouse.net\/support\/how-mitigate-smtp-auth\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"How to mitigate SMTP AUTH in cPanel server\" \/>\n<meta property=\"og:description\" content=\"To allow remote users to authenticate to the outbound mailserver, SMTP-AUTH can be used.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.siliconhouse.net\/support\/how-mitigate-smtp-auth\/\" \/>\n<meta property=\"og:site_name\" content=\"Silicon House - Reseller Hosting - Dedicated Servers - Cloud\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/siliconhouse.net\" \/>\n<meta property=\"article:modified_time\" content=\"2019-04-11T16:01:27+00:00\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:site\" content=\"@siliconhouse\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.siliconhouse.net\/support\/how-mitigate-smtp-auth\/\",\"url\":\"https:\/\/www.siliconhouse.net\/support\/how-mitigate-smtp-auth\/\",\"name\":\"How to mitigate SMTP AUTH in cPanel server\",\"isPartOf\":{\"@id\":\"https:\/\/www.siliconhouse.net\/support\/#website\"},\"datePublished\":\"2019-04-11T16:00:58+00:00\",\"dateModified\":\"2019-04-11T16:01:27+00:00\",\"description\":\"To allow remote users to authenticate to the outbound mailserver, SMTP-AUTH can be used.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.siliconhouse.net\/support\/how-mitigate-smtp-auth\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.siliconhouse.net\/support\/how-mitigate-smtp-auth\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.siliconhouse.net\/support\/how-mitigate-smtp-auth\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.siliconhouse.net\/support\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"How to mitigate SMTP AUTH in cPanel server ?\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.siliconhouse.net\/support\/#website\",\"url\":\"https:\/\/www.siliconhouse.net\/support\/\",\"name\":\"Silicon House - Reseller Hosting - Dedicated Servers - Cloud\",\"description\":\"Reseller Hosting - Dedicated Servers - Cloud\",\"publisher\":{\"@id\":\"https:\/\/www.siliconhouse.net\/support\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.siliconhouse.net\/support\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.siliconhouse.net\/support\/#organization\",\"name\":\"Silicon House\",\"url\":\"https:\/\/www.siliconhouse.net\/support\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.siliconhouse.net\/support\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.siliconhouse.net\/support\/wp-content\/uploads\/2016\/10\/siliconhouse-logo.png\",\"contentUrl\":\"https:\/\/www.siliconhouse.net\/support\/wp-content\/uploads\/2016\/10\/siliconhouse-logo.png\",\"width\":42,\"height\":40,\"caption\":\"Silicon House\"},\"image\":{\"@id\":\"https:\/\/www.siliconhouse.net\/support\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/siliconhouse.net\",\"https:\/\/x.com\/siliconhouse\",\"https:\/\/www.youtube.com\/siliconhouse\"]}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"How to mitigate SMTP AUTH in cPanel server","description":"To allow remote users to authenticate to the outbound mailserver, SMTP-AUTH can be used.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.siliconhouse.net\/support\/how-mitigate-smtp-auth\/","og_locale":"en_US","og_type":"article","og_title":"How to mitigate SMTP AUTH in cPanel server","og_description":"To allow remote users to authenticate to the outbound mailserver, SMTP-AUTH can be used.","og_url":"https:\/\/www.siliconhouse.net\/support\/how-mitigate-smtp-auth\/","og_site_name":"Silicon House - Reseller Hosting - Dedicated Servers - Cloud","article_publisher":"https:\/\/www.facebook.com\/siliconhouse.net","article_modified_time":"2019-04-11T16:01:27+00:00","twitter_card":"summary_large_image","twitter_site":"@siliconhouse","twitter_misc":{"Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/www.siliconhouse.net\/support\/how-mitigate-smtp-auth\/","url":"https:\/\/www.siliconhouse.net\/support\/how-mitigate-smtp-auth\/","name":"How to mitigate SMTP AUTH in cPanel server","isPartOf":{"@id":"https:\/\/www.siliconhouse.net\/support\/#website"},"datePublished":"2019-04-11T16:00:58+00:00","dateModified":"2019-04-11T16:01:27+00:00","description":"To allow remote users to authenticate to the outbound mailserver, SMTP-AUTH can be used.","breadcrumb":{"@id":"https:\/\/www.siliconhouse.net\/support\/how-mitigate-smtp-auth\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.siliconhouse.net\/support\/how-mitigate-smtp-auth\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.siliconhouse.net\/support\/how-mitigate-smtp-auth\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.siliconhouse.net\/support\/"},{"@type":"ListItem","position":2,"name":"How to mitigate SMTP AUTH in cPanel server ?"}]},{"@type":"WebSite","@id":"https:\/\/www.siliconhouse.net\/support\/#website","url":"https:\/\/www.siliconhouse.net\/support\/","name":"Silicon House - Reseller Hosting - Dedicated Servers - Cloud","description":"Reseller Hosting - Dedicated Servers - Cloud","publisher":{"@id":"https:\/\/www.siliconhouse.net\/support\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.siliconhouse.net\/support\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.siliconhouse.net\/support\/#organization","name":"Silicon House","url":"https:\/\/www.siliconhouse.net\/support\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.siliconhouse.net\/support\/#\/schema\/logo\/image\/","url":"https:\/\/www.siliconhouse.net\/support\/wp-content\/uploads\/2016\/10\/siliconhouse-logo.png","contentUrl":"https:\/\/www.siliconhouse.net\/support\/wp-content\/uploads\/2016\/10\/siliconhouse-logo.png","width":42,"height":40,"caption":"Silicon House"},"image":{"@id":"https:\/\/www.siliconhouse.net\/support\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/siliconhouse.net","https:\/\/x.com\/siliconhouse","https:\/\/www.youtube.com\/siliconhouse"]}]}},"_links":{"self":[{"href":"https:\/\/www.siliconhouse.net\/support\/wp-json\/wp\/v2\/pages\/7365","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.siliconhouse.net\/support\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/www.siliconhouse.net\/support\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/www.siliconhouse.net\/support\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.siliconhouse.net\/support\/wp-json\/wp\/v2\/comments?post=7365"}],"version-history":[{"count":2,"href":"https:\/\/www.siliconhouse.net\/support\/wp-json\/wp\/v2\/pages\/7365\/revisions"}],"predecessor-version":[{"id":7367,"href":"https:\/\/www.siliconhouse.net\/support\/wp-json\/wp\/v2\/pages\/7365\/revisions\/7367"}],"wp:attachment":[{"href":"https:\/\/www.siliconhouse.net\/support\/wp-json\/wp\/v2\/media?parent=7365"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}