Sunday, January 10, 2016

Prevent abuse of sendmail for spam



In web servers that host many websites there is always the possibility of a hacked site being abused in order to send spam mails with some kind of php mailer bot.



In my case sendmail is configured for mailing in the php.ini of each site, and I am wondering if there is a way that I can prevent this kind of problem (like aplying rules for maximum mails send from a certain domain etc.).



Dirty hacks (scripted solutions) are also welcome.


Answer



off the top of my head:





  • Disable mail() inside of PHP and allow it per site.

  • Enforce SMTP authorization and refuse non authorized users.

  • Handle (throttle) it on MTA side (postfix, sendmail, etc).


No comments:

Post a Comment

linux - How to SSH to ec2 instance in VPC private subnet via NAT server

I have created a VPC in aws with a public subnet and a private subnet. The private subnet does not have direct access to external network. S...