You can find our user documentation at

Check out our new API beta site!

Page tree
Skip to end of metadata
Go to start of metadata

This document is for a previous release of cPanel & WHM. To view our latest documentation, visit our Home page.

For cPanel & WHM 11.46

(Home >> Service Configuration >> Service Manager)


The Service Manager interface includes a list of TailWatch Drivers and daemons that can run on your server. This feature allows you to perform the following actions:

Click Save at the bottom of the interface after you make your changes.

TailWatch Drivers

TailWatch DriverDescription

This TailWatch driver enables support for IMAP and POP3 before SMTP authentication. This configuration allows users who authenticated against the POP3 or IMAP service in the last 30 minutes to send emails via SMTP without the need to authenticate again.

All users who have access to the IP address can send mail after an individual on that IP address has authenticated against the IMAP or POP3 service. As a result, this option is less secure than requiring password authentication.


As of cPanel & WHM version 11.32, this configuration is disabled by default. We recommend that system administrators do not enable this option in favor of SMTP authentication because most modern mail clients now support SMTP authentication.

To disable Antirelayd from the command line, run the following command as the root user:

/usr/local/cpanel/bin/tailwatchd --disable=Cpanel::TailWatch::Antirelayd

This TailWatch driver monitors the services that you configure in the Service Manager interface.

  • The ChkServd driver attempts to restart a service when it detects that the service has failed.
  • The ChkServd driver provides alerts about service failure, recovery, and timeouts to the contact information that you provide in WHM's Basic cPanel & WHM Setup interface (Home >> Server Configuration >> Basic cPanel & WHM Setup).
EximstatsThis TailWatch driver is the Exim mail statistics tracker. The Eximstats driver maintains the email bandwidth logs, limits email usage, and populates data for the Mail Delivery Reports system.

This TailWatch driver manages the jails that the EXPERIMENTAL: Jail Apache Virtual Hosts using mod_ruid2 and cPanel® jailshell  option in WHM's Tweak Settings interface (Home >> Server Configuration >> Tweak Settings) uses. The JailManager driver updates each user's jail with the root filesystem. 


The ability to enable or disable JailManager corresponds directly to the status of the EXPERIMENTAL: Jail Apache Virtual Hosts using mod_ruid2 and cPanel® jailshell option.

ModSecLogThis TailWatch driver parses the ModSecurity™ audit log and stores the events in the modsec database.
cPBandwdThis TailWatch driver generates the bandwidth logs for IMAP and POP3 mail services.



The daemons that are visible in this interface depend on the services that you have installed on your web server.

cpdavd The cPanel DAV daemon. This daemon enables a set of HTTP extensions that allow users to manage their websites remotely. Leave this daemon active if you intend to host other people’s websites on your web server.
dnsadmin Enable the dnsadmin daemon if you wish to run dnsadmin as a standalone daemon. If you run dnsadmin as a standalone daemon, it improves speed but increases memory usage. If you wish to use multiple dnsadmin processes for zone-related actions, deselect this option.

The HTML-based chat server.


We strongly recommend that you do not enable this daemon, beasue it poses security risks to your server

  • The Entropy Chat script does not sanitize input from the chat message field before use.
  • Malicious users can exploit this to pass harmful data to your server via the chat message field.

The SMTP mail server. This is the part of your mail server that sends and receives mail. You should monitor and enable this feature for most servers.


If you disable this service, the following options will not appear in the Mail section of WHM's Tweak Settings interface (Home >> Server Configuration >> Tweak Settings):

  • Discard FormMail-clone message with bcc:
  • Email delivery retry time
  • Track email origin via X-Source email headers
  • Max hourly emails per domain
  • The percentage of email messages (above the domain's hourly maximum) to queue and retry for delivery.
  • Maximum percentage of failed or deferred messages a domain may send per hour
  • Number of failed or deferred messages a domain may send before protections can be triggered
  • Add X-PopBeforeSMTP header for mail sent via POP-before-SMTP
  • Enable BoxTrapper spam trap
  • Enable Email Archiving support
  • Enable Apache SpamAssassin™ spam filter
exim on another port

You can allow users to run Exim on an additional port. Exim will also run on the default port, 25.


 In the text box, specify the additional port number on which you wish to allow Exim to run. 


The FTP server daemon, which runs your FTP server. If you intend to host other people’s accounts on your web server, leave this feature enabled.


 We strongly recommend that you monitor this feature.

httpd The Apache web server daemon, which handles HTTP requests from visitors. If you intend to host any websites with your web server, you should enable this feature.

The IMAP Courier or Dovecot daemon. This daemon handles how your users download their mail.


We strongly recommend that you monitor this daemon.

 For more information, read our IMAP vs. POP3 documentation.

ipaliases This feature allows you to add more than one IP address to your network adapter. You can use this configuration to run multiple connections on a single network, where each connection serves an additional purpose.

The MySQL database server. This handles database queries. If you plan to host any content management systems or applications that require a database, leave this feature enabled, or enable the postgresql server.


We recommend that you monitor this daemon.


The Berkeley Internet Name Domain (BIND) daemon, which runs the nameservers.


 You should only enable this daemon if you wish to use your own nameservers. For more information, read our Nameserver Selection documentation.

NSD The open-source name server daemon. You should only enable it if you wish to use your own nameservers.

The POP3 courier/dovecot daemon. This handles how your users will download their mail.


We strongly recommend that you monitor this daemon.

spamd The Apache SpamAssassin™ server. This daemon attempts to filter spam messages. If you disable this daemon, make sure that you also disable it in the Tweak Settings Mail interface (Home >> Server Configuration >> Tweak Settings).
sshd The secure shell (SSHdaemon that allows users to connect to your server in a terminal session via SSH.

The system log daemon. This daemon handles your web server's monitoring and logging system information.


We strongly recommend that you enable this daemon.


The log monitor service. This daemon functions as a framework that allows you to user-interpretable logs.


We strongly recommend that you enable this daemon.