Articles in this section

How to disable PHP mail() function for a spamming domain on Plesk for Linux server?

Yevgeniy Shimanskiy
Updated
kb: how-to Plesk for Linux ABT: Group A

Applicable to:

  • Plesk for Linux

Question

  • How to disable mail() function for a spamming domain on the Plesk server?

Answer

Disable mail() function for a subscription via GUI

  1. Log into Plesk

  2. Go to Subscriptions > example.com > Customize > PHP settings

  3. Add disable_functions = mail string to the Additional configuration directives field:

    php_add.png

  4. Click OK button to apply changes

Warning: Make sure that the corresponding subscription is Locked and does not sync with its Service Plan. Otherwise, the changes will be rewritten by the values defined in the Service Plan.

Warning: If disable_functions = mail is set, but 'mail' is not listed as disabled in Domains > example.com > PHP Settings > phpinfo (), check if some additional PHP modules are installed on the server. Additional PHP modules can overwrite php.ini settings for the domain.

In case the Suhosin PHP module is installed, follow these steps:

  1. Connect to the server via SSH and comment out disable_functions directive in Suhosin config in order not to override the same directives in domains php.ini.

    # grep disable_function /etc/php.d/suhosin.ini
    ;disable_functions =

  2. Add additional PHP directive for domain:

    CONFIG_TEXT: disable_functions = exec, system, mail

Disable mail() function for a subscription via CLI:

  1. Connect to the server via SSH

  2. Execute the following command:

    # plesk bin subscription_settings -u example.com -outgoing_messages_enable_sendmail false

 

Also, the Sendmail utility might be disabled completely by following these steps depending on the required level (server-wide, service plan or subscription):

Disable Sendmail utility completely

Usage of Sendmail utility can be disabled server-wide with the settings at:

  • Log in to Plesk GUI > Tools & Settings > Mail Server Settings > Disable the option Allow scripts and users to use Sendmail

Or on the Service Plan level:

  • Log in to Plesk GUI > Service Plans > <service_plan_name> > Mail > Disable the option Allow scripts and users to use Sendmail

Or on the Subscription level:

  • Log in to Plesk GUI > Subscriptions > example.com > Outgoing mail control > Subscription > Change limits > Disable the option Allow scripts and users to use Sendmail

Additional Information

Also, it is possible to block all outgoing mail that is being sent by PHP scripts like PHPMailer by adding the following iptables rule (on RHEL/CentOS):

  1. Connect to the server via SSH
  2. Save the current iptables rules to the file:

    # iptables-save > /root/pre_iptables_rules

  3. Add the rule that blocks all outgoing packets send by processes where the owner is not postfix excluding local connections from Webmail:

    # iptables -I OUTPUT -m owner ! --uid-owner postfix -m tcp -p tcp --dport 25 ! -d 127.0.0.1 -j REJECT

  4. Install and enable necessary package:

    # yum install iptables-services && systemctl enable iptables-services

  5.  Save iptables rules to make the changes permanent:

    # /sbin/service iptables save

Was this article helpful?

Comments

0 comments

Please sign in to leave a comment.