On Sat, 1 Oct 2016 15:31:28 +0200 John Fawcett <j...@voipsupport.it> wrote: > I can't speak from hosting experience, but forcing authenticated smtp > connections and rate limiting them with a policy service (like policyd > or postfwd) would be my solution if I had to do this. That would have > the advantages of being able to identify and shut down users that are > abusing or being abused and in the meantime limiting the damage. If
This would be ideal but as I said, they would have to store the passwords in a way that everyone else on the system can read them. > the smtp accounts can use a different set of credentials to the > hosting login, storing them on the web server could be an acceptable Even if the logistics allowed this it would still mean storing email passwords in the clear. > solution over not having any authentication. Some php software may > rely on being able to send from localhost via sendmail, but more > popular php software will generally allow this kind of configuration. I have to allow for all possibilities. > Some other possibilities: > > - configure the sendmail command in a per user php.ini to add the -f > parameter with the user's email account that should override the > nobody envelope sender This might work. I assume that the system php.ini file in /etc would still be read first. It is a bit clumsy since I would have to create a new directory for each user and then create the special INI file there. That's not too bad because I can script the whole thing and don't have to depend on the users understanding the process. > - configure php.ini to add the X-PHP-Originating-Script header > (parameter mail.add_x_header). That will help you track down the uid > of the script owner and the script name if you ever get your hands on > an example email Sometimes the scripts are owned by the user and sometimes by nobody. > - configure the php.ini mail.log parameter. That logs every call to > the mail function in php providing quite a lot of detailed information > (including the full path to the script) That might be useful as well as doing the first suggestion. > - make a wrapper around the sendmail command (you could configure > sendmail_path in php.ini to call that instead of sendmail). The > wrapper could do the checks you mentioned before passing the mail on > to the real sendmail or providing an error back to php. I can't control if they use sendmail or SMTP directly to the mail server. I do block port 25 to anywhere else though so at least I can force them through my mail server. Thanks for the suggestions. -- D'Arcy J.M. Cain System Administrator, Vex.Net http://www.Vex.Net/ IM:da...@vex.net VoIP: sip:da...@vex.net
