Episode: 202
Title: HPR0202: cpanel whitelisting
Source: https://hub.hackerpublicradio.org/ccdn.php?filename=/eps/hpr0202/hpr0202.mp3
Transcribed: 2025-10-07 13:42:11

---

music
music
music
Hello and welcome to another episode of Hacker Public Radio.
I'll be your host for today, Deep Geek.
Today's topic, White Listing with C-Pamil, and you can find the companion article for this
presentation on my blog website at www.deepgeek.us slash whitelisting-with-cpanil and C-panil
is spelled C-P-A-N-E-L, the whole thing is lowercase.
So what is C-panil, you know, and why would I find this stuff useful, for that matter what
is whitelisting and what are we talking about?
So what we're talking about is email, and as you may have seen, I'm a big advocate of
having things done in a customized manner.
I think the computer should be made to work our way, not us made to work their way.
And so I happen to be kind of an old-school guy, and I'm deeply in love with email.
I still think it's nifty as hell.
My email was invented in a time before we had spammers, and the general public on the
interwebs, you know, it's hard to get it done your way these days, but what I found
is with a simple, shared, inexpensive, shared web host account, you can actually use that
web host's controlling mechanism, that web host accounts control mechanism, to make their
mail system receive your email for you, and do all kinds of wild things with it.
So that's what we're talking about.
We're talking about registering your handle.
I know.
Hack a public read, right?
We all have handles.
So registering your handle, getting a cheap web host account, and then doing email voodoo
with a common C-panel, control panel interface, and C-panel is one of the top three commercial
web front ends for managing your shared web host account.
So it's common out there.
If you were to Google cheap web hosting C-panel, or inexpensive web hosting C-panel, you
would get a whole bunch of entries of web hosts out there just dying for your business,
and you can register your custom domain and have the whole thing done and pay only, you
know, I think I paid $5 per registration and $60 per year for the web host, you know.
And you get access to the email system.
I would even go so far as to advocate if you don't want to have a web page, is to just
point your web page at maybe your Myspace page or something, or maybe your profile
page at your favorite form, and just enjoy the benefits of customized email delivery.
The benefits of C-panel is that once you learn C-panel, it runs on a variety of things.
Once you learn the C-panel interface, you can do some really strange email voodoo with
it.
And how would you like to have your web presence out there sorting through your email for you,
and determining what emails you should be able to pick up via your mobile device, such
as your cell phone or PDA, what emails you should be paged so that they push to you as
opposed to waiting for you to pick them up, and even back at your main computer, just
having all your friends in one email account, and then once in a while checking a less frequently
checked email account for all the general emails you may be receiving.
It's a wonderful thing.
So if you stick with me with this episode, at the best, you'll be a mobile email maven,
and at worst you'll be able to learn some really cool things with your email routing.
So that's what we're talking about here.
So as you can tell, I do do the mobile email thing, and my cell phone provider, I just
changed actually, because I found one with a mobile data plan that I could get on a prepaid
basis.
So goodbye.
You know, goodbye to the old cell phone provider, just gave me telephone service prepaid.
Now I got data prepaid too, and my cell phone provider isn't uncommon in that, for you
to pick up something like your email, you have to go to the mobile web and go to a web
mail interface on the mobile web, and read your email there, and for mine, it happens
to be Yahoo, Yahoo's web mail, which we're all probably all very familiar with.
But your cell phone provider may have their own, uh, into front end that you can use.
And what you would do, well, okay, let's talk about being able to access Yahoo web mail.
You could very well go out there, uh, get a Yahoo mail ID, um, your ID at Yahoo dot com,
and give that out to everybody, as your email address, and pick it up at your home computer,
at your work computer, and on your cell phone, just as easily.
But you're going to run into the same problems that you always run into, where you give out
your email address, and it turns out you give it to somebody who sends you a lot of stuff.
You don't want interrupting you.
You give out your email address, and it gets around the web, and now spammers have it.
I know one guy I met at work where he, when I was developing this stuff, he gave out
his, uh, texting email address to some people at AOL, and there's like this weird scene
and it involves forwarding jokes.
And every time they forward, they, they distribute the email address with them.
And now, you know, he gets emails of jokes, as text messages, and he came again to the
body of joke, was, well, he sees his headers, and he has to pay per message, you know,
that's a horrible thing.
So what I'm talking about is not just using your regular Yahoo Mail ID, but using Yahoo as
an interface to pick up the mail from your, your pop three account on your own domain.
Right?
So this is interesting because you're going to register your own domain, and you can
create as many pop three email accounts as you want on your domain.
And by the way, and I'm not going to be giving actual like commands in this episode, I'm
going to give you more or less of the theoretical overview.
If you need to actually learn to do basic things with C panel, all you have to do is Google
C panel beginners or C panel tutorials.
The later we'll give you the actual C panel, uh, man pages.
And many of these tutorials will put up by web hosting companies.
So you could see then screenshots of how to set up a pop three account, a screenshot
of how to set up a mail forwarding account, stuff like that.
So you know, we don't want to give out our real email address that's tied into any physical
device because then we lose control.
And what we're talking about is keeping control of our email, especially when you may be
paying per message charges and when you commonly deal with people who may not be able to
imagine that something besides a desktop computer might be online.
Let me rant a little bit.
I used to give out, I've had C panel for quite a while and my own web host accounts for
quite a while under a bunch of different domains over the years.
And I used to give out two email addresses to people.
And I would say, this is for my bulk mail and this is for my personal stuff.
What is the mental block?
If you can tell me in English and explain something to me, maybe you can help me out instead
of me trying to help you out with the hack or public radio episode, my feedback email address
is hpr at deepgeek.us.
And if you can email me and tell me what this great phobia that's out there with people
who think that you can only have one email address set in stone for the rest of eternity,
explain it to me because I don't get it.
I mean, if I gave you my personal phone number and my business phone number, would you call
me for BS at work or would you save the BS phone call for when I'm at home?
Could we spec it, right?
So what is the big deal about understanding that you've got one email address for things
you sent to 50 people and if you're going to write the deepgeek a personal note, just
send it to this one.
I want to handle it differently.
I don't understand what's wrong with that.
And I don't understand why the rank and file or the Joe Pinkboy computer user out there
can't understand that he should not give away your email address.
Maybe you don't want it to get around the web, you know, maybe you're afraid Spanish
will get their hands on it.
Now, if I go into your place of employment and say, give me Jack's home phone number,
do they?
No, they say, I'm going to pass this message to you and if he wants to, he'll call
you back because they respect you.
So why can't people do that with email addresses too?
Just please, if you have a way, it just really freaks me out.
Drop me an email and tell me why because I don't freaking get it.
Oh, okay.
Rat mode off.
So what is garbage email?
You know, you just heard my rant, but you know, so you're going to go right away, you're
going to go spam.
Spam is garbage email.
Great deepgeek.
I know the spam is garbage email, but you know, I want to have a more general definition
of spam.
Spam is anything that you would be annoyed with receiving if you had a pay on a per email
basis.
If I get charged, let's say you have biggest report of cell phone provider and they charge
you 1750 for an email case, so you're saying, oh, it's 1750 right now.
Let's say you're in Alaska and you have to use a satellite-based cell phone and now you
have to pay $5 to receive a text message.
Someone sends you the latest, delivered joke.
You know, oh, tell your friends, tell your friends they love them, send a copy to 10 people
and you paid $5 to receive that on your satellite cell phone, your satellite phone.
Would you be annoyed?
Yes.
So, it's not just spam.
We're talking about things that are inappropriate to pay higher connection fees associated with
mobile devices to have them interrupt us.
Perhaps you have a business cell phone you use during the 9-5 hours or something.
You know, is it right to have your friends send their personal things?
Love notes.
Whatever you can imagine, that's not visible to your business email address.
You know, I think we should arrive at a courtesy where we can pull up a name on our screen
and say, okay, I got a business address.
A personal address and a bulkmail address for each person and I can respect those things.
That's what I think a good emailer is and they don't send you garbage and sure if they
hear a good joke and it's a good funny, they send it to you.
But they send it to the right place for you so you can handle it efficiently.
I mean, in this day of mobile email, perhaps we're tooling down the clockware at 90 miles
an hour.
Beat me with something important, not a joke.
So the joke emails, you know, stuff like that, the forwards, endless forwards.
Some people I've seen put a link to, please forward responsibly in their signature block.
It's such a problem.
So, you know, and like I said, maybe you have tried to have an insider email address just
for your special friends and you give it to someone and you realize, boy, I wish I didn't
give them my best email address.
Maybe you're at that point.
Well, how about this for a proposal?
How about you give out an email address and you let the technology do that to the hard
work for you?
Let's use a little bit of artificial intelligence and have computer figure out what I should
be interrupted with and what should wait for a later date.
So what I'm saying is have a published email address, have a public email address and set
up your home computer to check that and you can check it once a day, once a week, once
a month, once every three months, whatever you want.
You know, just if case somebody out of the blue emails, you don't have their email address
on file, it gets misfiled.
You control your own spam that way.
Then you take your mail a statement at your web host and you program it to elevate certain
emails from an untrusted status to a trusted status.
That's what we're talking about.
So the first thing I have to come up with to implement this system is secret email addresses.
This is called security through obscurity when we're going to protect certain email addresses
by not telling anyone what they are.
In my case, I just picked out random numbers from thin air.
You know, 5, 6, 4, 2, 5, 6, 5, 5, 5, 5, 5, 2, 9, 8, 5, 7, 6, at deepgeek.us.
And I actually did two of these and I don't tell anyone what they are.
But what I do is I have a computer system handle it.
So then I go back to my home computer and I set up three downloads from pop three.
The general one, the one that I gave to anyone, I published one and all my stuff that
is undefined is going to fall in there by default.
And then I also pick up the other two email addresses.
So security through obscurity, I'm not going to tell people about the other two email addresses.
And I want them to be, you know, really vague and random because spammers do have lists
of common email addresses.
Like let's say someone's name is John Smith, all right?
Spammers know to try j smith and j smith at every domain they hear about.
So bouncing emails back, if you don't have it defined, if you don't have the pop three
email accounts set up, and then have ones that people will never guess as optimally.
Now you may be asking, well, what do you have to?
You keep saying too.
I have to.
I'm not doing that to annoy you.
I have a very interesting function for, for as I have three pop email addresses, the
published one, the one that's really least frequently used that will page me on my cell
phone.
And I have one that's just people I know who I don't want to pay a per message charge.
All right, then I go back to my Yahoo web mail interface.
And I tell it about the two numbered email addresses.
Now when I go to m.yahoo.com slash mail, and you scroll down and you see, check other email.
I've gone on the web, told Yahoo about those other two secret accounts, but not my first
account, not the published one, because I'm only picking that up at home, maybe once
a week, whatever.
And so I go to the web interface for Yahoo, and I have Yahoo copy the email over from my
secret numbered email accounts to my Yahoo mail folder.
And then I can view just those over my cell phone.
The one that beeps me is accessible as the one that doesn't beat me.
From Yahoo's perspective, but I want to change the perspective of some email.
Some emails, you know, you care about people, right?
So when they do email you, you want to get back right away.
What better, what better convenience than to have a beep or a page?
Or in the case of cell phone, we call it actually the SMS, the short message service, or
what most people call texting.
Your cell phone provider will provide you with a texting email address you can use on
the web.
So for instance, let's say your phone number, now it's a 10 digit number for your cell phone
number.
So if you were a Verizon customer, you could take that 10 digit number and use the ad sign
and do vtext.com, I think it is, for Verizon texting.
And anything to that email address will get copied to your texting interface on your cell
phone.
You'll only get the first 180 characters that way.
So it's good to save a copy where you can get at it because some emails you receive
are going to be longer than 180 digits.
But so you want to copy to the pop 3 email address, but you want the page or the short message
service as a preview and as a notification.
So you're going to try to get the gist from the first 180 characters, the most important
stuff to see if you want to bother to check your web mail from your cell phone.
So see panel, tips and tricks, how to create a cloning email address on see panel.
That is a email address on see panel that will take an email that we see there, store
it in the pop 3 folder, and then take a copy of the email and forward it outside of itself
to your cell phone company.
So you get the message too.
Very simple.
You log into your see panel, you click the mail icon, that brings you to your mail management
sub page.
You go to forwarder, let's say you're going to call this email address, page me also.
Page me also at mydomain.com.
Forward's to 621-621-5555 at vtex.com.
And everything to that email address gets forward passed along to your cell phone company.
Now you back out of that and go back to your mail management page and go to create, add
and edit pop 3 accounts and create one with exactly the same name.
So you have the same name occurring twice, one is a forwarder and one is a pop 3 account.
So now when see panel gets an email to that address, it will forward and store.
This is an undocumented feature of see panel.
I just want to take a moment to point out for our people who aren't used to the computer
guy vernacular.
Undocumented features are also sometimes called bugs, so please don't share this with the
guys at see panel.
They might take it away and really mess us up and the fun for us as they say.
So that's one way of doing it.
Now we're almost at the home play as I'm sure you can see.
We're now at the point where if we check out secret email addresses together, we will
get a spamless situation.
As a matter of fact, until we tell see panel what to put in those email addresses, we will
get nothing.
Now back to that mail management sub menu.
There's an entry called email filtering.
And if you go into there, you'll get a drop-down box where you can choose from headers,
spamming sass and special headers, subject headers, or even message bodies.
So you can create for everybody you want to receive email on the road to or everyone
you know, like I do, because I use this feature very heavily, a scan the from header for
this email address.
And if it's found, you change the destination from your casual email address to your super
secret numbered email address, your obscure email address.
I like to start them with the one that beeps me, and then if I get too many beats for one
person during a month, I demote them.
It's very rude to tell somebody that you demote their email, so it'll be our little secret.
Alright, so then we'll just go in there.
And once we get used to this system, like I said, we might only check out catchmail email
address very infrequently in the future.
That's how you can have white listing.
That list of email addresses was from addresses called your white list, and that represents
your trusted centers, who are going to go through your defense system and come right into
your main email account.
And when you check just those email addresses, you won't see any ads for right, or you
won't see any ads for for Seattleis.
Maybe your friends forward you jokes, but if they make a habit of out of it, or if they
have you on some list of their 500 best friends, you can take them out.
It's up to you, and you don't have to insult them by doing that.
It's a very nice system.
Now it doesn't fit anyplace else, and what I just said, but I promised you email voodoo
in exchange for getting your own domain name.
So there is one more trick, a C-Panel trick I want to tell you about, as you can tell,
I didn't like getting many forwarded jokes.
If people said, hmm, deep geek, maybe I should just send him the computer jokes.
I'd like it more, but I don't like being on any list of my 500 best friends that I call
them.
And I associate this with AOL, I said.
So here's a really cool little thing, another undocumented feature I found, because when
you go that email filtering thing I told you about, it says destination, and the default
is discard, in other words, if you get Viagra with a one in it, throw it in the garbage,
right?
All right, I found out through trial and error that you can put another entry in here.
You can type in colon, fail, colon, that is to say colon, F-A-I-L colon.
And if you do that, whatever triggers that filter will get an email bounce, you know,
mail a name, your email could not be received, because the address does not exist here.
And what I did for a while, and it felt very satisfying, I must say, is I searched all
email headers for any mention of AOL.com, and I c-lined the entire AOL.com domain.
Oh, I feel good.
So I hope you learned a lot from this one.
I hope you guys might take some to heart and fool around with C-panel, fool around with
having your own domain name.
Have a good time with the information.
By the way, if you're thinking, boy, I got my own domain name, I can give out pop
three accounts to everyone.
A lot of people are going to stick with their big DSL and cable modem providers for their
personal email.
You can pretty much set up as just your own domain for email.
As a matter of fact, Mrs. Geek, which is how I jokingly refer to my wife as Mrs. Geek,
she has her own domain, and it's just letters, you know, it stands for my first personal
name, and it's loves her first personal name.com, and the year we were married, you know.
So that's something you might want to think about doing, because if you and a couple of
buddies have pop three email accounts on the same thing, and you begin swatting by
from addresses, and you share friends, then, you know, you don't know, Jack's email might
go to Bill's beeping account or something.
You might want to try avoiding that.
And of course, if you find any really cool, bizarre email voodoo things to do with C-panel
that I haven't mentioned, I'd love you to email me with them.
I'd love to know them.
Like I said, HPR at deepgeek.us is my feedback address, or you can just post to the blog
I will check the blog entry at hackopublicraer.org if you want to go that route.
So let me just say one follow up to an old episode, and then I'll give you a Geek tidbit for
the day.
I did review in a previous episode Death Note The Movie, which was a live action movie
derived from the Death Note anime, Japanese anime.
I want to let you guys know that on the 15th and 16th of October, 2008, this should get
out to you guys before then.
The sequel, Death Note 2, the last name, will be playing in theaters for two days.
You might want to go check it out.
It's being presented by an organization called FathomEvents.com.
So if you are interested in Japanese anime and want to see Japanese anime convert into
a live action film, you may want to go to FathomEvents.com is spelled F-A-T-H-O-M-E-V-E-N-T-S.com.
Find the upcoming page, scroll down to October the 15th and 16th, and there will be Death
Note 2, the last name.
Okay, today's Geek tidbit.
I'm going to do a little two paragraph reading for you guys from an old, old humor book called
Cyberpunk, Handbook, Cyberpunk, Fakebook by St. Jude, Are You Serious and Bought in
Nagle.
It's over 200 pages, I think, and I'm going to read you two paragraphs, so I think that's
the legal under fair use and our current copyright, fanatical corporate environment we live
in in America.
Location location location, what your e-dress says about you, okay, we're talking snob,
how do you deal with the sort of person who will judge you by what you can't afford to
rent, either in real life or online, for snob appeal, consider the dot e-d-u.
Hackers often have dot e-d-u addresses, by finding a comfortable space somewhere in the
virtual basement of a large university and just moving in.
A squad e-d-u at e-dress is intrinsically tony, but think of the possibilities, Princeton.edu?
If you have to buy your way onto an online service, consider the great gray server like
Netcom, anyone might live there, it's neutral turf, no blame, it approves servers, like
U.S. online, or like traveling by bus, there are too many people in line ahead of you,
and most of them you'd rather not end up sleeping next to.
But if you want to impress a connoisseur of e-dresses, a real e-snob, choose a service
run by former hackers, especially ones who got indicted.
Above and beyond, the truly snob proof way to be online is to be the online.
To have your machine act as an internet node, this is expensive so far, but it's clearly
the way of the future.
Using your own node, just like having your own telephone, instead of sharing a party line
with a hippie farmer or using a pay phone in the deli downstairs.
I hope you've enjoyed.
I'm currently, I call it semi-unplugged from the internet.
Some people out there who know me might miss me.
In real life is a little tough, but I'm so interested in the future of hackupublicrare.org.
I've only decided to only semi-unplugged and try to do my regular monthly episode.
So if anyone doesn't see me, where they expect to see me on the interwebs, that is why.
In real life is still a little bit in the way of these days, but I'm still going to pump
out a few things here and there.
So I call it a semi-unplugged state.
Enjoy.
Have a great day.
I'll see you all as soon as possible by caro.net, so head on over to see ARO.18 for all of