OP has problems that those steps won’t solve. Rate limited spam is still spam and will still get you blocked by any reputable provider.
OP has one of the following problems: And exploitable web application that is being used by an attacker to send spam or a user that intentionally sends spam. For some reason, they don’t want to identify or solve the actual problem.
Mr @Joe what do you think about this method
what i understand is that no one can send emails except with postfix permission
That is correct, all other thing being equal, so you should do it and see if it solves the problem of spammers abusing your system.
However, if your system is pwned (if a hacker has full access) then the measure being discussed will not help.
I’ve told you repeatedly that that is a mistaken understanding.
Anyone that can run arbitrary code can send mail in infinite ways. If your users have a shell, they can send mail (without postfix). If they have the ability to upload PHP, they can send mail (even without postfix). And, even without the mail function. Postfix is not necessary to send mail, it never has been. I don’t know how to be more emphatic about that, I’ve said it many times. If you won’t believe me, I don’t know what else to do.
A mathematician and an engineer were in a 1000 meter race. At the finish line was a beautiful woman as the prize. The rule was that the race had to be run in stages such that only half the remaining distance could be covered.
The mathematician though about it withdrew from the race because in theory it was impossible to finish a race in which only half the remaining distance could be covered. But the engineer began to run the race and when someone pointed out to him that he will never really reach the woman as per the rules of the race, he said, I know but I will get close enough for all practical purposes.
Did you not read
You can disable whatever you want, but if a function has been written that uses other functions that have not been disabled your flogging a dead horse read the full thread from where the quote came from
and for the IP address how to do it
I didn’t understand your question because I commented about disabling functions in the php.ini.
This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.