ConfigServer Community Forum

Peer support forums for ConfigServer Scripts
https://mail.forum.configserver.com/

csf smtp tweak

https://mail.forum.configserver.com/viewtopic.php?t=386

Page 1 of 1

csf smtp tweak

Posted: 10 Apr 2007, 20:11
by katmai
there is one problem

Chain OUTPUT (policy DROP)
target prot opt source destination
ACCEPT tcp -- 0.0.0.0/0 127.0.0.1 tcp dpt:25
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:25 OWNER GID match 12
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:25 OWNER GID match 32001
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:25 OWNER UID match 0
REJECT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:25 reject-with icmp-port-unreachable


root@nemesis [~]# cat /etc/passwd |grep -w 12
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
games:x:12:100:games:/usr/games:/sbin/nologin

why does it allow user games outgoing mail ? instead of mail ? how can this be modified ?

Posted: 10 Apr 2007, 20:38
by katmai
right now i can send out mails using nobody. i have unchecked smtp tweak from cpanel and left only configserver one. it just doesn't block ..

Posted: 13 Apr 2007, 10:48
by chirpy
That setting has nothing at all to do with sending out by nobody. It restricts email being sent directly to port 25 except by mailman, root and exim. The nobody email is going through exim so won't be blocked. To block that you need to to the option in WHM > Tweak Settings.

Posted: 15 Apr 2007, 01:17
by katmai
small question though. why does csf allow user .. games? to send mail?

Posted: 18 Apr 2007, 22:18
by chirpy
The SMTP_BLOCK allows the same GID's as the cPanel SMTP Tweak does, i.e. mail and mailman. The only UID you've listed is 0 for root.

Posted: 26 Apr 2007, 10:15
by katmai
sorry my mistake i did not see GID
All times are UTC
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited