Imunify Email BETA

Started by gnh73, Jun 19, 2022, 08:07 AM

Previous topic - Next topic

gnh73Topic starter

Are you testing this? If so, what do you think of it? Still need to keep MailChannels, isn't it?
  •  

Sevad

No opinion of MailChannels itself, but their cPanel plugin is dangerous! Pretty much everything is world-writable, meaning if someone were to modify those files and the root user were to access the plugin via WHM, it would be super easy to compromise the system.

I have reached out to them, but I'm still waiting for someone to get back to me... but in the mean time, I think this will help:

find /usr/local/mailchannels -type d -exec chmod 755 {} \;
find /usr/local/mailchannels -type f -exec chmod 644 {} \;
chmod 755 /usr/local/mailchannels/index.php

Wouldn't be a bad idea to do a checksum test to make sure files were not already modified...
  •  

Fess

I would suggest issuing some sort of notice, as most users of the cPanel plugin will not be aware of the fix and will continue using the software that could lead to a root compromise.
  •  

dragon

On DirectAdmin, the Imunify UI requires the proc_open PHP function to be enabled. If you are unable it  to open the Imunify interface, you may see a corresponding message in the webserver error log. If so, please remove it from the disable_functions list in php.ini.

The free version of Imunify  scans site files without restrictions on the period of work, the number of sites and with regular virus database updates, and also checks domains for presence in blacklists. To treat files, you will need to buy ImunifyAV.
  •