View All Products
Compute
Storage
Databases
Networking
Developer Tools
Delivery
Security
Services
Industries
Pricing
Community
Engage With Us
Community Questions Switching off php mail function
Log in to Ask a Question

Switching off php mail function

development

Hi,

My webserver was recently under attack from spammers using some buggy ajax script on a client website.

I override /usr/sbin/sendmail using a php script which logs in all sendmail accesses which shows the directory from where the script is trying to send.

Now I want to stopped the php mail() functionality completely and have SMTP authentication.

Please suggest a way to do so.

Thanks

Richard

2 Replies

@richardvc:

Now I want to stopped the php mail() functionality completely
It looks like setting sendmail_path to '/bin/false' will accomplish this (or you could use /bin/true if you want the script to believe that sending mail was successful).

How to set up SMTP authentication depends on which mail transfer agent you are using (Postfix, Exim, Sendmail, Qmail, etc.). A Google search should turn up useful info, or try the Linode library.

Indifidual PHP functions can be disabled using the disable_functions directive in php.ini. If somebody is desperate, though, there are many other ways to send mail. You'd also have to disable all functions that allow making outbound TCP connections or execute anything on the shell.

Reply

Please enter an answer
Tips:

You can mention users to notify them: @username

You can use Markdown to format your question. For more examples see the Markdown Cheatsheet.

> I’m a blockquote.

I’m a blockquote.

[I'm a link] (https://www.google.com)

I'm a link

**I am bold** I am bold

*I am italicized* I am italicized

Log in to Reply
Community Code of Conduct