Disable PHP sendmail function for certain users (but not email in general)

H

HHawk79

Verified User
Joined
Sep 3, 2021
Messages
86
Hi all,

We find more and more users which still aren't using any kind of (re)Captcha solution for their online forms (e.g. contact forms).
As a result they are being (ab)used to send out spam a lot.

Now I did search the forums, but the only "solution" I saw was to do the following:
echo 1 > /etc/virtual/limit_username
Click to expand...

But that will also limit the ability for the customer to send emails in general. That's something which I do not desire. I just want to disable the PHP sendmail function for users who's (contact) forms are being abused, because there is no (re)Captcha on it.

Can someone tell me if this is possible and if it is, how?

On our Plesk based servers this is fairly easily done by using CLI command: plesk bin subscription_settings -u DOMAIN -outgoing_messages_enable_sendmail false
We are also using an outgoing mailfilter for several servers, but still we want to cut down in spam in general.

I hope this is possible. Thanks in advance for your time and answers.
 
HHawk79 said:
plesk bin subscription_settings -u DOMAIN -outgoing_messages_enable_sendmail false
Click to expand...
That command is just blocking outgoing messages via sendmail, so that is not only for contact forms not containing any captcha.

You cuold use PHP to disable mail for php by adding "mail" to the disable_functions line in the according php.ini files.

Check this thread:

How to disable PHPMailer Funtion

Dear ! i wanna disable phpmailer funtion on Centos 6 . How to do it ? Please Help Me ! Thanks so much !
forum.directadmin.com forum.directadmin.com
 
Richard G said:
That command is just blocking outgoing messages via sendmail, so that is not only for contact forms not containing any captcha.

You cuold use PHP to disable mail for php by adding "mail" to the disable_functions line in the according php.ini files.

Check this thread:

How to disable PHPMailer Funtion

Dear ! i wanna disable phpmailer funtion on Centos 6 . How to do it ? Please Help Me ! Thanks so much !
forum.directadmin.com forum.directadmin.com
Click to expand...

Actually you are wrong in terms of Plesk; it does stop forms from being send completely (at least on PHP based, which is 99% nowadays). So it DOES work as stated. We have been using this for ages and works perfectly.

When we disable the PHP sendmail function, the form will throw an error message or says the form could not be submitted. In my book that works. Everything else, in terms of email still works. It only stops the PHP sendmail function.

In terms of your solution; yeah I saw that topic as well, did search through the forums first. However that isn't a solution imho, as it will disable it for the server-wide instead of a single user as I requesten in my original post. But maybe I misread and you can disable PHP sendmail per user php.ini. So please do correct me if I am wrong here...
 
HHawk79 said:
Actually you are wrong in terms of Plesk;
Click to expand...
You might want to read again what I stated, because I wasn't wrong. It stops php mail because php sends mail via sendmail, which is what I said. ;)
But it doesn't only stop contact form mail without captcha, which is what you asked. It will stop all php mail for that domain. So I was correct.

HHawk79 said:
But maybe I misread and you can disable PHP sendmail per user php.ini
Click to expand...
As far as I know, the disable_functions works serverwide. It is stated by DA Support that disabling mail, would be working in a per user php.ini.
Be aware that you can not override functions already present in the servers php.ini. You can only add what is not there yet. And normally mail is not present by default, so that should work.

If you want to prevent users changing or deleting php.ini, you might want to create it with certain permissions or ownership so they can't change it.
 
You must log in or register to reply here.
Back
Top