Solved

whm settings for php mail

Posted on 2013-05-22
5
1,160 Views
Last Modified: 2013-05-22
I have a cloud server that where I host a few web sites. I'm using Apache and WHM control panel. I'd like to close my server to send emails if the php scripts is not PHPMailer script?

I want to let my users send email only with phpmailer. ( with a connection to a related mail account using an email address and its password ) I don't want a hacker abuse my php web sites to send their spam emails.

where can I change this settings?
0
Comment
Question by:Braveheartli
  • 3
  • 2
5 Comments
 
LVL 82

Expert Comment

by:Dave Baldwin
ID: 39186774
You can't do that because PHPMailer can use at least 3 different methods of sending email.  Or do you mean the PHP mail() function?  Those are two different things although PHPMailer (which is a PHP program you can download) can use the PHP mail() function also.  It can also send directly to an external SMTP server and I don't remember what the third method is.  Direct socket connection I believe.
0
 
LVL 1

Author Comment

by:Braveheartli
ID: 39186790
On the WHM mail options for PHP, I think there is a way that only lets the server send email if I use an email account , ( username and password ) otherwise it shouldn't send email

The web site contact forms on my server should only send emails using the below code

<?php
require 'class.phpmailer.php';

$mail = new PHPMailer;

$mail->IsSMTP();                                      // Set mailer to use SMTP
$mail->Host = 'smtp1.example.com;smtp2.example.com';  // Specify main and backup server
$mail->SMTPAuth = true;                               // Enable SMTP authentication
$mail->Username = 'jswan';                            // SMTP username
$mail->Password = 'secret';                           // SMTP password
$mail->SMTPSecure = 'tls';                            // Enable encryption, 'ssl' also accepted

$mail->From = 'from@example.com';
$mail->FromName = 'Mailer';
$mail->AddAddress('josh@example.net', 'Josh Adams');  // Add a recipient
$mail->AddAddress('ellen@example.com');               // Name is optional
$mail->AddReplyTo('info@example.com', 'Information');
$mail->AddCC('cc@example.com');
$mail->AddBCC('bcc@example.com');

$mail->WordWrap = 50;                                 // Set word wrap to 50 characters
$mail->AddAttachment('/var/tmp/file.tar.gz');         // Add attachments
$mail->AddAttachment('/tmp/image.jpg', 'new.jpg');    // Optional name
$mail->IsHTML(true);                                  // Set email format to HTML

$mail->Subject = 'Here is the subject';
$mail->Body    = 'This is the HTML message body <b>in bold!</b>';
$mail->AltBody = 'This is the body in plain text for non-HTML mail clients';

if(!$mail->Send()) {
   echo 'Message could not be sent.';
   echo 'Mailer Error: ' . $mail->ErrorInfo;
   exit;
}

echo 'Message has been sent';
0
 
LVL 82

Expert Comment

by:Dave Baldwin
ID: 39186798
You can restrict the local mail server but 'class.phpmailer.php' includes all the methods that I was talking about.  The SMTP method and the socket method totally bypass the mail server on your site.
0
 
LVL 1

Author Comment

by:Braveheartli
ID: 39186997
is my web site safe considering php mails if I can use above code to send email on my contact form? is it possible to any body to force my server send spam emails?
0
 
LVL 82

Accepted Solution

by:
Dave Baldwin earned 500 total points
ID: 39188488
By changing $mail->Host I can use any SMTP server in the world that I can log into and it will not go thru your mail server.  Also, you should know that most mail servers don't use SSL/TLS.  Gmail and AT&T/Yahoo do and some others but not most.
0

Featured Post

6 Surprising Benefits of Threat Intelligence

All sorts of threat intelligence is available on the web. Intelligence you can learn from, and use to anticipate and prepare for future attacks.

Join & Write a Comment

Password hashing is better than message digests or encryption, and you should be using it instead of message digests or encryption.  Find out why and how in this article, which supplements the original article on PHP Client Registration, Login, Logo‚Ķ
This article discusses how to create an extensible mechanism for linked drop downs.
Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:
This tutorial will teach you the core code needed to finalize the addition of a watermark to your image. The viewer will use a small PHP class to learn and create a watermark.

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now