Am 08.10.2013 15:16, schrieb Michael Orlitzky: > On 10/08/2013 01:44 AM, Stan Hoeppner wrote: >> >> Understood. For a more permanent solution to this script problem, you >> may want to consider locking down or disabling the pickup service, and >> configuring all web applications and MUAs to use the submission service >> with auth. This will prevent such scripts from being able to send mail >> in the event some crafty soul is able to get one uploaded via something >> other than FTP. >> > > Having mail() as the universal interface is nice while you're developing > in PHP, since there's no need to fiddle with the settings when moving > between development and production
well, any software i ever developed from 2003 on is using 127.0.0.1:25 if available without authentication and the configured autentication and SMTP host otherwise on no webserver postfix is listening on 127.0.0.1 it listens explicitly on a virtual interface and only there the other option is use http://php.net/manual/de/function.php-uname.php and consider a hostname-scheme for development machines these are all things which are solveable
