control-panels:cpanel-whm:how-can-i-check-if-my-cpanel-server-has-any-test-email-accounts

Checking a server for "test" email accounts

Test email accounts are typically a security vulnerability. Originally made with an initial purpose of testing, many times with a weak or insecure password and then forgotten about. Regularly checking your server for [email protected] email accounts is a great security precaution.

Find "test" email accounts on cPanel servers

  1. Login to your server via SSH as the root user.
  2. Copy and paste this nifty one line command into the terminal:
    1. grep -i 'test' /home/*/etc/*/passwd | awk 'BEGIN { FS = "/" } ; { print "[email protected]" $5 " email address exists!"}'
  3. If any test email accounts exist, you should see output similar to this:

You can search for other possible email aliases, such as "[email protected]" instead of test by replacing 'test' with 'testing' in the one liner.

control-panels/cpanel-whm/how-can-i-check-if-my-cpanel-server-has-any-test-email-accounts.txt · Last modified: 2016/10/07 13:47 by Daniel P.