BR
asked on
whm settings for php mail
I have a cloud server that where I host a few web sites. I'm using Apache and WHM control panel. I'd like to close my server to send emails if the php scripts is not PHPMailer script?
I want to let my users send email only with phpmailer. ( with a connection to a related mail account using an email address and its password ) I don't want a hacker abuse my php web sites to send their spam emails.
where can I change this settings?
I want to let my users send email only with phpmailer. ( with a connection to a related mail account using an email address and its password ) I don't want a hacker abuse my php web sites to send their spam emails.
where can I change this settings?
You can't do that because PHPMailer can use at least 3 different methods of sending email. Or do you mean the PHP mail() function? Those are two different things although PHPMailer (which is a PHP program you can download) can use the PHP mail() function also. It can also send directly to an external SMTP server and I don't remember what the third method is. Direct socket connection I believe.
ASKER
On the WHM mail options for PHP, I think there is a way that only lets the server send email if I use an email account , ( username and password ) otherwise it shouldn't send email
The web site contact forms on my server should only send emails using the below code
<?php
require 'class.phpmailer.php';
$mail = new PHPMailer;
$mail->IsSMTP(); // Set mailer to use SMTP
$mail->Host = 'smtp1.example.com;smtp2.e xample.com '; // Specify main and backup server
$mail->SMTPAuth = true; // Enable SMTP authentication
$mail->Username = 'jswan'; // SMTP username
$mail->Password = 'secret'; // SMTP password
$mail->SMTPSecure = 'tls'; // Enable encryption, 'ssl' also accepted
$mail->From = 'from@example.com';
$mail->FromName = 'Mailer';
$mail->AddAddress('josh@ex ample.net' , 'Josh Adams'); // Add a recipient
$mail->AddAddress('ellen@e xample.com '); // Name is optional
$mail->AddReplyTo('info@ex ample.com' , 'Information');
$mail->AddCC('cc@example.c om');
$mail->AddBCC('bcc@example .com');
$mail->WordWrap = 50; // Set word wrap to 50 characters
$mail->AddAttachment('/var /tmp/file. tar.gz'); // Add attachments
$mail->AddAttachment('/tmp /image.jpg ', 'new.jpg'); // Optional name
$mail->IsHTML(true); // Set email format to HTML
$mail->Subject = 'Here is the subject';
$mail->Body = 'This is the HTML message body <b>in bold!</b>';
$mail->AltBody = 'This is the body in plain text for non-HTML mail clients';
if(!$mail->Send()) {
echo 'Message could not be sent.';
echo 'Mailer Error: ' . $mail->ErrorInfo;
exit;
}
echo 'Message has been sent';
The web site contact forms on my server should only send emails using the below code
<?php
require 'class.phpmailer.php';
$mail = new PHPMailer;
$mail->IsSMTP(); // Set mailer to use SMTP
$mail->Host = 'smtp1.example.com;smtp2.e
$mail->SMTPAuth = true; // Enable SMTP authentication
$mail->Username = 'jswan'; // SMTP username
$mail->Password = 'secret'; // SMTP password
$mail->SMTPSecure = 'tls'; // Enable encryption, 'ssl' also accepted
$mail->From = 'from@example.com';
$mail->FromName = 'Mailer';
$mail->AddAddress('josh@ex
$mail->AddAddress('ellen@e
$mail->AddReplyTo('info@ex
$mail->AddCC('cc@example.c
$mail->AddBCC('bcc@example
$mail->WordWrap = 50; // Set word wrap to 50 characters
$mail->AddAttachment('/var
$mail->AddAttachment('/tmp
$mail->IsHTML(true); // Set email format to HTML
$mail->Subject = 'Here is the subject';
$mail->Body = 'This is the HTML message body <b>in bold!</b>';
$mail->AltBody = 'This is the body in plain text for non-HTML mail clients';
if(!$mail->Send()) {
echo 'Message could not be sent.';
echo 'Mailer Error: ' . $mail->ErrorInfo;
exit;
}
echo 'Message has been sent';
You can restrict the local mail server but 'class.phpmailer.php' includes all the methods that I was talking about. The SMTP method and the socket method totally bypass the mail server on your site.
ASKER
is my web site safe considering php mails if I can use above code to send email on my contact form? is it possible to any body to force my server send spam emails?
ASKER CERTIFIED SOLUTION
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.