{"id":252,"date":"2017-05-01T22:44:38","date_gmt":"2017-05-01T14:44:38","guid":{"rendered":"http:\/\/matnet.my\/blog\/?p=252"},"modified":"2017-05-01T22:48:12","modified_gmt":"2017-05-01T14:48:12","slug":"cpanel-server-exim-smtp-auth-restriction-csf","status":"publish","type":"post","link":"https:\/\/matnet.my\/blog\/2017\/05\/cpanel-server-exim-smtp-auth-restriction-csf\/","title":{"rendered":"CPANEL Server &#8211; Exim SMTP AUTH Restriction + CSF"},"content":{"rendered":"<p>The last 2-3 months, my server was been attack with SMTP brute force and there were also accounts that has been compromised and used to sent out SPAM.<\/p>\n<p>This is some of the mitigation action where we restricted the AUTH from only 1 country.<\/p>\n<ol>\n<li>Go to Exim Configuration Manager &#8211; Advance Editors<\/li>\n<li>Find &#8220;Add additional configuration setting&#8221;<\/li>\n<li>Add New Value from the drop down menu &#8220;<span class=\"search_hit\">auth<\/span>_advertise_hosts&#8221;<\/li>\n<li>Fill in the value to =<\/li>\n<li>\n<pre class=\"code\">${if match_ip{$sender_host_address}{iplsearch;\/etc\/<span class=\"search_hit\">exim<\/span>.smtpauth}{*}{}}<\/pre>\n<\/li>\n<li>Scroll down and save<\/li>\n<li>Then edit \/etc\/csf\/csf.conf and enable\u00a0<b>SMTPAUTH_RESTRICT to 1<\/b><\/li>\n<li>Then add your country to\u00a0<strong>CC_ALLOW_SMTPAUTH.\u00a0<\/strong>For my scenario i put it MY since my client from Malaysia.<\/li>\n<li>Then restart your csf with option -r<\/li>\n<li>If you like to allow custom IP range for auth for example to allow login from google. Do add the IP in this file\u00a0<strong>\/etc\/csf\/csf.smtpauth.<\/strong><\/li>\n<\/ol>\n<p>It&#8217;s done.<\/p>\n<p>Thanks to :\u00a0<a href=\"http:\/\/sysadmin.testrock.in\/doku.php?id=advanced:csf:exim&amp;s[]=exim&amp;s[]=auth\">http:\/\/sysadmin.testrock.in\/doku.php?id=advanced:csf:exim&amp;s[]=exim&amp;s[]=auth<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>The last 2-3 months, my server was been attack with SMTP brute force and there were also accounts that has &hellip; <a href=\"https:\/\/matnet.my\/blog\/2017\/05\/cpanel-server-exim-smtp-auth-restriction-csf\/\" class=\"more-link\">More <span class=\"screen-reader-text\">CPANEL Server &#8211; Exim SMTP AUTH Restriction + CSF<\/span> <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6,12],"tags":[],"class_list":["post-252","post","type-post","status-publish","format-standard","hentry","category-bsd-nix","category-cpanel-whm","standard"],"_links":{"self":[{"href":"https:\/\/matnet.my\/blog\/wp-json\/wp\/v2\/posts\/252","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/matnet.my\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/matnet.my\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/matnet.my\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/matnet.my\/blog\/wp-json\/wp\/v2\/comments?post=252"}],"version-history":[{"count":5,"href":"https:\/\/matnet.my\/blog\/wp-json\/wp\/v2\/posts\/252\/revisions"}],"predecessor-version":[{"id":257,"href":"https:\/\/matnet.my\/blog\/wp-json\/wp\/v2\/posts\/252\/revisions\/257"}],"wp:attachment":[{"href":"https:\/\/matnet.my\/blog\/wp-json\/wp\/v2\/media?parent=252"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/matnet.my\/blog\/wp-json\/wp\/v2\/categories?post=252"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/matnet.my\/blog\/wp-json\/wp\/v2\/tags?post=252"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}