spareknet.org
Customized CPanel Solutions / Server Administration

Home
Disabling Boxtrapper on cPanel Published on November 15th, 2006 Last Modified on: September 8th, 2008
 
Deprecated Information

After cPanel 11 was released the exim code changed to detect whether or not boxtrapper is disabled or not. If you are running cPanel 11, then this guide does not apply to you. This guide is only beneficial for servers that are running cPanel 10, which is being phased out by cPanel.

NOTE: Following this guide will not disable the ability for end users to still configure boxtrapper. However, if you follow this guide and disable boxtrapper, then any attempts to configure Boxtrapper by end users will be in vain, because Exim will not recognize boxtrapper as a feature. To disable the ability for end users to configure Boxtrapper you would need to remove it from the Feature List in your hosting packages. This guide just details how to permanently disable Boxtrapper as an exim ACL on your server.

Boxtrapper is challenge-response based solution to spamming. I believe Earthlink and Spamarrest also have similar programs in play. The system works in that a person that sends a message to an address that is using Boxtrapper will receive a challenge response asking the sender to verify that they intended to send the intended recipient the message. Once the sender verifies this, by clicking a link, that sender is whitelisted. The recipient only receives messages in their inbox that have been verified through this challenge-response system. It ideally means that the recipient would not receive any unintended messages, such as spam.

The problem is that this challenge-response system can cause more headaches than it is actually worth. Consider the following e-mail portion:

From: [email protected]
To: [email protected]
Subject: Buy Viagra

In this example, [email protected] is using Boxtrapper to help fend off spam attempts. And just for argument’s sake, we’ll say that this message is spam. What spammer do you know of uses his real address in the From line? This means that this message will reach your server. Boxtrapper will kick in, see that [email protected] is not on the whitelist for [email protected] so it will generate a challenge-response message. This challenge-message will be sent to [email protected] who, keep in mind, did not send this message. This means that [email protected] may report this challenge-response message as spam, and what server is the culprit behind sending this message? Yours! This leads to blacklisting by your server, the server hosting yourdomain.com because the challenge-response message is being sent to users who do not want the message.

A lot of talk has been done from the cPanel forums regarding Boxtrapper and the inability to fully disable it. A solution that I have found is to remove all instances of boxtrapper in the /etc/exim.conf file. Is this a viable solution? I don’t know, but I do know that there are no mentions of boxtrapper in my exim logs when I do this. By removing the instances of boxtrapper in your /etc/exim.conf file, then Exim basically has no idea what boxtrapper is.

Unfortunately, you cannot remove these lines using the Advanced Editor under Exim Configuration Editor in your WHM. And further, since cPanel prefers editor to be used to make Exim Configuration changes (so that your changes will stay whenever exim is updated), you normally want to make any Exim configuration changes through this editor. My solution, while a bit tedious, is to remove boxtrapper lines in the exim.conf by directly modifying the file after you make Exim Configuration changes in your WHM.

Basically, what you do is continue to make any Exim configuration changes in the Advanced Editor for Exim Configurations. Whenever you are done making changes and click Save, you simply edit the /etc/exim.conf file and remove the offending boxtrapper lines from the command-line. I will detail the exact steps that I have taken to accomplish this below. I have also created a script that will perform these same actions for you, its usage will again be explained below.

There are basically four sections in the default /etc/exim.conf file that refer to boxtrapper. I am simply going to comment out these lines, which is basically the same affect as removing them.

To begin, it is always wise to create a backup of any configuration file prior to making changes. This way you will have a working copy of the configuration file that you can go back to should problems arise. In this case, if you make these changes and save the file and suddenly Exim will not restart, then you will have a backup that you can go back to, that you know should work.

cp /etc/exim.conf /etc/exim.conf-beforemakingchanges

This backs up your current configuration to /etc/exim.conf-beforemakingchanges if something goes wrong, you can always revert back to this configuration with:

cp /etc/exim.conf-beforemakingchanges /etc/exim.conf

and restart Exim.

Now edit the /etc/exim.conf file with your favorite command-line text editor. Personally, I am partial to vim but a lot of people prefer pico or nano it really doesn’t matter. Just open the /etc/exim.conf file in your favorite text editor.

Now with the file open, make sure you are at the top of the file (because I am going to be searching for strings within the file starting at the top) and search for boxtrapper. The first instance you should come to should look something like:

boxtraper_autowhitelist:
    driver = accept
    condition = “${perl{checkbx_autowhitelist}{$authenticated_id}}”
    require_files = “/usr/local/cpanel/bin/boxtrapper”
    transport = boxtrapper_autowhitelist
    unseen

Now just comment out these lines, by adding a # symbol at the beginning of each line. So that instead of the above lines you would see:

# boxtraper_autowhitelist:
#     driver = accept
#     condition = “${perl{checkbx_autowhitelist}{$authenticated_id}}”
#     require_files = “/usr/local/cpanel/bin/boxtrapper”
#     transport = boxtrapper_autowhitelist

#     unseen

You are basically going to do this for all instances of the boxtrapper and the four sections.

Now search for boxtrapper again. This time you should see a section:

virtual_boxtraper_user:
    driver = accept

    condition = “${perl{checkbx_deliver}{$domain}{$local_part}}”
    require_files = “/usr/local/cpanel/bin/boxtrapper”
    domains = lsearch;/etc/userdomains
    retry_use_local_part
    transport = virtual_boxtrapper_userdelivery

And replace this with:

# virtual_boxtraper_user:
#     driver = accept

#     condition = “${perl{checkbx_deliver}{$domain}{$local_part}}”
#     require_files = “/usr/local/cpanel/bin/boxtrapper”
#     domains = lsearch;/etc/userdomains
#     retry_use_local_part
#     transport = virtual_boxtrapper_userdelivery

Search for boxtrapper again:

boxtrapper_localuser:
    driver = accept
    condition = “${perl{checkuserbx}{$local_part}}”
    require_files = “/usr/local/cpanel/bin/boxtrapper”
    check_local_user
    domains = ! lsearch;/etc/userdomains
    transport = local_boxtrapper_delivery

Change to:

# boxtrapper_localuser:
#     driver = accept
#     condition = “${perl{checkuserbx}{$local_part}}”
#     require_files = “/usr/local/cpanel/bin/boxtrapper”
#     check_local_user
#     domains = ! lsearch;/etc/userdomains

#     transport = local_boxtrapper_delivery

And finally, there is one more section that needs to be removed, so search for boxtrapper one more time:

boxtrapper_autowhitelist:
    driver = pipe
    command = /usr/local/cpanel/bin/boxtrapper –autowhitelist “${authenticated_id}”
    user = ${perl{getemailuser}{$authenticated_id}}

    group = mail
    log_output = true
    current_directory = “/tmp”
    return_fail_output = true
    return_path_add = false

local_boxtrapper_delivery:
    driver = pipe
    command = /usr/local/cpanel/bin/boxtrapper “${local_part}”

    user = $local_part
    group = mail
    log_output = true
    current_directory = “/tmp”
    return_fail_output = true
    return_path_add = false

virtual_boxtrapper_userdelivery:
    driver = pipe

    command = /usr/local/cpanel/bin/boxtrapper “${local_part}@${domain}”
    user = “${lookup{$domain}lsearch* {/etc/userdomains}{$value}}”
    group = mail
    log_output = true
    current_directory = “/tmp”
    return_fail_output = true
    return_path_add = false

And change this to read:

# boxtrapper_autowhitelist:
#     driver = pipe
#     command = /usr/local/cpanel/bin/boxtrapper –autowhitelist “${authenticated_id}”
#     user = ${perl{getemailuser}{$authenticated_id}}
#     group = mail
#     log_output = true

#     current_directory = “/tmp”
#     return_fail_output = true
#     return_path_add = false

# local_boxtrapper_delivery:
#     driver = pipe
#     command = /usr/local/cpanel/bin/boxtrapper “${local_part}”

#     user = $local_part
#     group = mail
#     log_output = true
#     current_directory = “/tmp”
#     return_fail_output = true
#     return_path_add = false

# virtual_boxtrapper_userdelivery:
#     driver = pipe
#     command = /usr/local/cpanel/bin/boxtrapper “${local_part}@${domain}”
#     user = “${lookup{$domain}lsearch* {/etc/userdomains}{$value}}”
#     group = mail
#     log_output = true

#     current_directory = “/tmp”
#     return_fail_output = true
#     return_path_add = false

That should be all of the boxtrapper sections in the /etc/exim.conf file. Now just save the file and restart exim:

/scripts/restartsrv_exim

Like I said, I also created a script that does these steps and restarts Exim. The script works by comparing the md5sum of the current /etc/exim.conf file against the md5sum from when the script was previously run. This effectively means that if you run this script and no changes have been made to your /etc/exim.conf file, then the script does not make any changes. If changes were made to your /etc/exim.conf file, but boxtrapper was still disabled, then the script would run, but boxtrapper would not be disabled again.

Basically, you need to run this script any time you make a change to your Exim Configuration through the Advanced Editor in your WHM.

The first thing you need to do is make sure that Digest::MD5 perl module is installed:

/scripts/realperlinstaller Digest::MD5

Now you are ready to use the disable_boxtrapper.pl script.

NOTE: Use this script at your own risk. This is why I am stressing backup procedures. I cannot guarantee that running this script will not have adverse effects, but at least if you create proper backups, then you can quickly revert back to your previous setup.

As with any time you are making changes to a configuration file, it would probably be a good idea to back up your exim.conf file prior to running this script:

cp /etc/exim.conf /etc/exim.conf-beforescript

The disable_boxtrapper.pl script does create a backup of your current exim.conf file whenever it is run, if it is going to make changes to the exim.conf file. The backup the script makes is at /etc/exim.conf.old. However, it’s just always a good idea to create additional backups, especially the first time you are running a script.

Download the script and run it:

wget http://spareknet.org/howtos/boxtrapper/disable_boxtrapper.txt
mv disable_boxtrapper.txt disable_boxtrapper.pl
chmod 700 disable_boxtrapper.pl
./disable_boxtrapper.pl

The script will automatically restart exim so there is no need to restart exim from the command line. Boxtrapper should now be disabled on your server. You will note that a file has been created /etc/exim.conf-md5 which contains the current md5sum of the /etc/exim.conf. Whenever you run disable_boxtrapper.pl again the md5sum of /etc/exim.conf is compared against the md5sum contained in this file. If they match, then that means that no changes have been made to your configuration so there’s no need to make any changes. If they do not match, then boxtrapper is removed from the current /etc/exim.conf file (if necessary) and the new md5sum is stored in /etc/exim.conf-md5. For this reason, I suppose it could be possible to call this script via cron to continuously check and insure that Boxtrapper is disabled. I don’t really recommend this, but I suppose it is possible to do, if you don’t think you can remember to run the script whenever you make Exim configuration changes, or if you think boxtrapper is being continuously re-enabled. A cron entry might look like:

00 * * * * /path/to/disable_boxtrapper.pl

This would run the disable_boxtrapper.pl every hour at the top of each hour. While I don’t recommend this, the cost of doing this is minimal because of the md5sum checks.

As always, questions or comments concerning this are always welcome.

Downloads
disable_boxtrapper.pl — Boxtrapper disabling script