Forcing PHP users to send email via SendMail

trparky

Well-Known Member
Apr 23, 2003
184
1
168
Ok, we all know that CPanel implemented a way for us to detect who is sending an email via a PHP script even if it is being executed as nobody. I'm talking about the X-Source, X-Source-Args, and X-Source-Dir headers.

Unfortunately, sometimes email that is sent via PHP sometimes is missing those headers. The only thing that I can think of is that they are bypassing SendMail which is the way that Exim is getting the data for those headers. The only way that I know of other than using SendMail is by directly connecting to SMTP using the PHP TCP/IP functions.

Is there a way to force people to use SendMail to send an email and not bypass it without breaking a lot of scripts?
 

chirpy

Well-Known Member
Verifed Vendor
Jun 15, 2002
13,465
30
473
Go on, have a guess
WHM > Tweak Security > SMTP Tweak > Enable

Note that this basically blocks outgoing connections on port 25 except for root and mailman. Users must therefore use the MUA (i.e. the sylinked sendmail to exim binary).

To do this it uses iptables entries, so if you're already using a software firewall, you will need to adjust it (disable the iptables firewall, then enable the securty tweak to see what it does).
 

jeroman8

Well-Known Member
Mar 14, 2003
410
0
166
I just enabled SMTP Tweak and choose NOT to allow connections to port 25.

I can still send mail using the SMTP server.
I'm sending from my local computer (outlook)

Did I miss something or shouldn't it prevent this also or is it just
for local scripts etc ?