cPanel

New MailScanner Front-End (MSFE) v4.22

Changes:

  • Modified MailWatch to better cope with a remote MySQL database
  • Removed Dynaloader from Msfe.pm as cPanel no longer provide it in their perl distribution

cPanel breaks your MTA with 11.23.0-EDGE_24083 and 11.23.0-CURRENT_24083

If you’re running either of the listed builds above, then you could have a broken MTA.For some bizarre reason, cPanel decided to add a new feature that breaks the standard MTA configuration of sending out all email on a servers main IP address. Their change is to send it out on the IP address of the sending domain. This means that unless all your rDNS PTR records for all of your servers IP addresses are set to your hostname a large number of receiving MTA’s on the internet will either treat incoming email as spam or simply bounce it.In their wisdom, cPanel have made this massive MTA change as the new default in EDGE and CURRENT, changing the status quo without your knowledge or indeed control. You cannot currently disable this change and revert back to the way the MTA should work.In the short term, you can delete /etc/mailips and add a line to /scripts/postupcp to remove that file, however this still leaves a window between upcp running /scripts/updateuserdomains and /scripts/postupcp running when your outgoing email could be broken.Apparently this change was made to benefit the use of SPF records. Since that technology has proven to provide little or no benefit, and there are no requirements whatsoever in the MTA RFC’s to use SPF, it seems bizarre that cPanel has taken this route as their default configuration.Note: MTA ~ SMTP Server

Problems with LWP and access to https URL's

If you’re using perl scripts on your server that use LWP and suddenly find them failing with connections to https resources with the following type error:

500 read failed: error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number

then you’ve probably got LWP v5.811 installed which breaks SSL connections! The author fixed the problem he created after about two days with v5.812 but the damage was done on many servers. cPanel have put a hold back on cpan module updates for LWP to v5.810 but if your servers already upgraded LWP then you’ll need to either upgrade it manually from the cpan source to v5.812 or downgrade to v5.810.Downgrading LWP:

wget http://search.cpan.org/CPAN/authors/id/G/GA/GAAS/libwww-perl-5.810.tar.gztar -xzf libwww-perl-5.810.tar.gzcd libwww-perl-5.810perl Makefile.PLmake(take the default options unless you want to additional binaries installed)make install

New ClamAV v0.93

Changelog:http://sourceforge.net/project/shownotes.php?release_id=592112Upgrade through WHM MSFE.

New cmm v1.09

Changes:

  • Reduced max lines shown of email to 500 lines. Added option to view the full email
  • Speedup in directory listing of email

New cmm v1.08

Changes:

  • Dramatically reduced memory overhead of listing mail directories by only reading the first 200 lines of any email. Also speeds up directory listing greatly
  • Display only the first 1000 lines of any email to reduce memory overhead and speed up display
  • Added new upgrade mechanism
  • Removed use of the cat binary
  • Added “Select by Search” JS code, thanks to rafaelfpviana on the forum for the code

Upgrade through WHM or by following the installation instructions again.

New csf v3.14

Changes:

  • Added new format for cPanel (v11.18.3) login failures to regex.pm
  • Added exe:/usr/libexec/gam_server to the default list of ignored binaries
  • Fixed problem with SCRIPT_ALERT not picking up alternative /home directories from wwwacct.conf

New csf v3.09

Changes:

  • Fixed missing copy for the portscan.txt report for generic installations
  • Added new option PS_EMAIL_ALERT to enable/disable Port Scan Tracking email alerts
  • Added a sample of the port blocks that trigger the Port Scan to the report. This new report will be copied to /etc/csf/portscan.txt.new on existing installations, rename it to portscan.txt to use it
  • Added Port Scan Tracking to WHM UI Firewall Security Level
  • Added cPAddon update email setting check to Server Security Report
  • Modified the SuEXEC link location to the cPanel v11 location in Server Security Report
  • Added portscan.txt template to editable list in WHM UI
  • Updated readme.txt