Welcome Guest. Please Login or Register  


You are here: Index > Webuzo > Bugs > Topic : Security Bug in Email Services



Threaded Mode | Print  

 Security Bug in Email Services (5 Replies, Read 3487 times)
eaglepie
Group: Member
Post Group: Newbie
Posts: 20
Status:
Hi Support,

1. Email Query Manager Showing more than 36000 mail on queue. Thousands of Mail Already Sended without my notice. System Sending Unsolicited mail cause my mail ip blocking issues. System Sending mail to random mail id/server. Due to that my mail get blocked. How can i stop that from mailing too much mail. I checked on mxtoolbox my website ip showing as blacklist. May be bug or a Security Issue with current webuzo. I got absued notice from hosting provider.

2. Due to Bug/Security Someone has access to send email as root user may be also be login to system without user know. Please Suggest me solution to stop that. I need to update this with hosting provider for restore myall services.

3. Suggestions: Set Daily Email Limit to Root/System user in Webuzo. Also add Seperate Mail Sending limits to by domain. Admin able to set daily send limit to any domain seperately(like multi php setting).



My Panel Config : server.domain.com ( Behind Cloudflare ) Mx Value: Dns Only Set
Primary Domain  : host.example.com


Regards
Gaurav Ghosh
IP: --   

Security Bug in Email Services
eaglepie
Group: Member
Post Group: Newbie
Posts: 20
Status:
Attaching Screenshot from My panel. All mail goes through root user in email queue manager showing as sending as system user.
IP: --   

Security Bug in Email Services
Brijesh
Group: Softaculous Team
Post Group: Super Member
Posts: 5264
Status:
Hi,

Sorry for the delay in response.

The emails sent by the user which is running the process. So if the script is being run by a user the sender will be that user only.

If you are still facing the issue please open a support ticket with us so we can check this for you :
https://softaculous.deskuss.com/open.php

It could be possible that your server is compromised due to which the unsolicited emails are being sent.

We do have option to set limits on outgoing emails which can be configured from Webuzo admin panel -> Email -> Mail Settings

-----------------------
Webuzo - Multi User Hosting Control Panel
AMPPS - Best WordPress/PHP/MySQL development tool
IP: --   

Security Bug in Email Services
eaglepie
Group: Member
Post Group: Newbie
Posts: 20
Status:
Hello Support,

Thanks. Issue Solved. I Generated a ticket. Someone injected a script in my root domain to send spam mail. I set the mail limit through mail setting from unlimited to limit and added mod security, CSF firewall, HTTPS redirect, and spam assassin. Now services are working correctly.

Latest Version 3.3.6 has an issue with Awstats. Currently no 500x and 400x errors. Able to see the Awstats Panel. The issue is All images are broken and do Not give correct statistics after checking the Awstats panel.
IP: --   

Security Bug in Email Services
eaglepie
Group: Member
Post Group: Newbie
Posts: 20
Status:
Hello Support,

Screenshot URI for Reference. https://ibb.co/vhdpkjL Awstats started working after reinstall but gave 404 error for all images related to Awstats. Awstats not showing correct status of visitors. Only Showing Unique Visitor 1. Please Also correct this error in an upcoming version.


IP: --   

advanceamericanancybarry@gmail.com
lupari_123
Group: Member
Post Group: Newbie
Posts: 1
Status:
Hi
IP: --   

« Previous    Next »

Threaded Mode | Print  



Jump To :


Users viewing this topic
1 guests, 0 users.


All times are GMT. The time now is July 4, 2022, 12:48 am.

  Powered By AEF 1.0.8 © 2007-2008 Electron Inc.Queries: 11  |  Page Created In:3.539