- How to disable mail() function for a spamming domain?
- How to prevent e-mails from being sent via scripts through Sendmail?
To disable PHP mail() function for a domain, follow the steps below:
Go to Plesk > Subscriptions > example.com > Customize > PHP settings > Additional configuration directives
disable_functions = mail
Also, make sure that the corresponding subscription is locked, otherwise the global definitions of that subscription plan will be synced and domain's specific configuration will be lost.
disable_functions = mail is set, but 'mail' is not listed as disabled in Domains > example.com > PHP Settings > phpinfo (), check if some additional PHP modules are installed on the server. Additional PHP modules can overwrite
settings for the domain.
In case Suhosin PHP module is installed, follow these steps:
Connect to the server via SSH and comment out
disable_functionsdirective in Suhosin config in order not to override the same directives in domains
# grep disable_function /etc/php.d/suhosin.ini
Add additional PHP directive for domain:
disable_functions = exec, system, mail
Note: If mail() function is disabled for PHP, but emails are still being sent by unidentified script, sendmail can be disabled completely.
Usage of sendmail utility can be disabled server-wide with the settings at:
Home > Tools & Settings > Mail Server Settings (option: Allow scripts and users to use Sendmail).
Or on service plan at:
Home > Service Plans > <service_plan_name> > Mail (option: Allow scripts and users to use Sendmail).
Or for the subscription at:
Home > Subscriptions > example.com > Outgoing mail control > Subscription > Change limits (option: Allow scripts and users to use Sendmail).
Also, it is possible to block all outgoing mail that is being sent by PHP scripts like PHPMailer by adding the following iptables rule:
- Connect to the server via SSH
- Save current iptables rules to the file:
# iptables-save > /root/pre_iptables_rules
- Add rule that blocks all outgoing packets send by processes where owner is not postfix excluding local connections from Webmail:
# iptables -I OUTPUT -m owner ! --uid-owner postfix -m tcp -p tcp --dport 25 ! -d 127.0.0.1 -j REJECT
- Save iptables rules to make the changes permanent:
# /sbin/service iptables save