avoiding spoofing

Discuss our MailScanner install script and MailScanner itself
Post Reply
moribe
Junior Member
Posts: 3
Joined: 08 Aug 2023, 15:03

avoiding spoofing

Post by moribe »

Hello!
Today a few clients received an email from their own accounts saying they've been hacked and the hacker has access to their mail and cPanel account,
We verified and the mail was sent from a different server.

Because of that we're making some changes to the SPF, exim and mailScanner configuration, there is some some mailScanner option to block remote mail from an account to itself or just the SPF will be enough?
Sergio
Junior Member
Posts: 1712
Joined: 12 Dec 2006, 14:56

Re: avoiding spoofing

Post by Sergio »

The best way to go is to create your own SPAMASSASSIN RULE and tell your cPanel customers not to add their own domains in MailScanner WhiteList.

I mean, if the hacker is impersonating you and you have your own domain in your MailScanner White List, then the spoofed email will go thru.

So, if you customer wants to white list himself the best way is to add the customer connection IP or the complete range IP.0/24 in the WhiteList instead of the account domain.

Sergio
Post Reply