Mauritz

Well-Known Member
Apr 29, 2015
62
0
6
Johannesburg
cPanel Access Level
Root Administrator
One of our customers WordPress site got hacked and a script was uploaded which fired off close to a 1000 spam mails within a hour. Was lucky to catch it fast enough but unfortunately a lot left the server. The mail was sent through our [email protected]

As this probably will affect a large number of our customers who mostly rely on mail, I would like to stop all mail sending from our server which is not SMTP authenticated. Note I have already turned on SMTP restrictions? Can I set php system wide to not allow to send mail without smtp authentication?
 

tui

Well-Known Member
Jun 15, 2007
87
7
58
Mexico
cPanel Access Level
Root Administrator
Hello,

As far i know (Somebody correct me if i am wrong), there is no way to do what you want to do, spammers scripts run in php and they use the php mail() function so you should modify php mail() function or php itself to force smtp on that function. Other thing you can do is to disable php mail() function, but i do not recommend that, a lot of scripts and cms's use the php mail() function and a lot of users does not know coding and they scripts or cms will stop working, so you will go to affect your clients if you disable or force a smtp autentication over php.

What i use for that kind of problems (Wordpress, other cms or poor scripts) are the options "Maximun Hourly Email by Domain Relayed" and "Maximun percentage of failed or deferred messages a domain may send per hour" in packages.

This two options are enough for me and my servers, you can adjust them on your packages, in my case, in small packages less email per hour and less maximun % of failed.

The spammers always send email to random bot-created accounts so a lot of sent mail goes to accounts that does not exist, so those two options block the account/domain to send mail, obviosly, the malicious script will continue sending mail but the outgoing mail is blocked by those two values at server level. So the spam mails sent are very minimal :)
 
Thread starter Similar threads Forum Replies Date
Q Email 2
V Email 2
S Email 16
C Email 2
manokiss Email 8