New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
How do shared hosting providers block php mail per account?
How do shared hosting providers block access to outbound port 25 or other mail ports? I understand by having a dedicated IP, this is a simple iptables rule.
What are the ways of blocking mail php function on systems with shared outgoing IP?
I'm primarily looking for postfix solutions and ideas. I know that postfix has header checks which may be useful but I'm not sure if that is the right way.
My thinking is to block all outgoing mail unless the users linux account is in the whitelist file. Is there a solution for this?
Thanks!
Comments
I personally wrote our system for our whitelists.
Francisco
You can block by UID in iptables.
https://www.cyberciti.biz/tips/block-outgoing-network-access-for-a-single-user-from-my-server-using-iptables.html
Can you maybe give some details about how the system works, or which components did you use to achieve this? I'm aware that I may need to build up the custom solution as well, but I'm aware that people have already done this and don't want to reinvent the wheel that much.
This may not work in my case, since mail is delivered by the postfix instance on the webserver listening on localhost. Therfore the UID would be postfix always. I tag each email message sent via PHP mail() function with the users linux account id in a custom header.
The current idea is to setup a separate relay server that would accept all emails from webservers that are already tagged with the ID and then filter it somehow. Any more ideas?