Way to throttle email sending via .php scripts ?

[WebHostDog]

Hello,
Is it a way to limit the number of emails sent via .php scripts or/and throttle this emailing speed cause in the case of spamer the server load hit the roof. Seems number of emails per hour limit is not working in this case of script emailing.



Thanks,

 

[hostmedic]

webhost gear to the rescue

simple google search came up w/ this -

http://www.webhostgear.com/index.php?art/id:232

PHP and Apache has a history of not being able to track which users are sending out mail through the PHP mail function from the nobody user causing leaks in formmail scripts and malicious users to spam from your server without you knowing who or where.

Watching your exim_mainlog doesn't exactly help, you see th email going out but you can't track from which user or script is sending it. This is a quick and dirty way to get around the nobody spam problem on your Linux server.

If you check out your PHP.ini file you'll notice that your mail program is set to: /usr/sbin/sendmail and 99.99% of PHP scripts will just use the built in mail(); function for PHP - so everything will go through /usr/sbin/sendmail =)

hope that helps

 

[Kent Brockman]

Possibly a good concept idea, but in my server, my /usr/sbin/sendmail is a binary file, and this solution cannot be accomplished since it's non editable using pico.
Is there any other solution? I'm also interested in checking that nobody is actually somebody.
Regards

 

[WebHostDog]

Hello,
I do not like to track them cause I know who is sending. The aim is to limit them not to overload the server and SPAM before I shut them down. Throttling or/and limit as number per hour.



Thanks,

 

[cPanelDavidG]

Hello,
Is it a way to limit the number of emails sent via .php scripts or/and throttle this emailing speed cause in the case of spamer the server load hit the roof. Seems number of emails per hour limit is not working in this case of script emailing.



Thanks,

I remember a similar thread on WHT this morning. Is the user sending mail using standard SMTP or mail() calls or are they bypassing your SMTP server entirely?

The SMTP Tweak (WHM -> Security -> Security Center -> SMTP Tweak) will curb malicious users from bypassing your SMTP server.

 

[WebHostDog]

Hello,
They are sending via .php script with mail function. I am using CSF and LFD. LFD blockes the folder but after it run (every 5 min.). Till then they can send as many emails as they like.



Thanks,

 

[cPanelDavidG]

Hello,
They are sending via .php script with mail function. I am using CSF and LFD. LFD blockes the folder but after it run (every 5 min.). Till then they can send as many emails as they like.



Thanks,

Odd, typically the mail function routes mail through the SMTP server (by way of sendmail emulation) in a cPanel/WHM environment.

 

[WebHostDog]

Hello,
Yes thats what I am saying if the limit per user or domain works as I have set it in WHM would not be a problem. But seems it is not cause he has sent thousands of emails.


Thanks,