Just got hit and one of the wordpress sites is sending out hugh amounts of email. De-activated the website. Before activating the website, wanted to put the following in the Custom php.ini settings. php_admin_value[sendmail_path] = "/usr/sbin/sendmail_deactivated -t -i -f [email protected]" When saving the config, getting an error and not allowing it to be saved. Is there another way to stop php websites from using sendmail localhost email and force the site to only use smtp on port 587? Basically just disable sendmail access through php. So even if a file is uploaded with php code to use sendmail it will not be able. Any ideas?
In /etc/php.ini ? If yes, I did try it. I think the setting in the custom php.ini within ispconfig website setting overrides the setting in /etc/php.ini Am I correct?
placing "sendmail_path = /usr/sbin/sendmail_deactivated" in the custom php.ini field in the website section of ispconfig worked. You idea worked. no errors in ispconfig. Yahoooooo!!! Thank you very much for helping. I do appreaciate it. Now to test if php can still send out emails. Hopefully it will fail.
Finally did some testing if php mail() will still work even with placing "sendmail_path = /usr/sbin/sendmail_deactivated" in the ispconfig's website custom php.ini config field. Used the script from the following website. https://conetix.com.au/support/simple-php-mail-test/ The bad news is that it will still send out emails. Went into /etc/php/fpm/pool.d and checked the config files. Noticed that there were two sendmail_path configuration. One was the original that came with ispconfig and the other was from the custom config. Deleted the original sendmail_path and reloaded php-fpm. Then the custom config was active. What a waste that the custom does not supersede the original. Then php mail() does not work because it is listening to the custom config. Anyway did the following so that in the future the sendmail_path will have to be added manually to work or inform the users that they will have to use smtp to send emails. Currently using rspamd's ratelimit to prevent runaway email sending. 1. went to /etc/php/fpm/php.ini and changed the sendmail_path to sendmail_path = sendmail_not_active 2. went to /usr/local/ispconfig/server/conf-custom and copied /usr/local/ispconfig/server/conf/php_fpm_pool.conf.master into it. 3. removed the line "php_admin_value[sendmail_path] = "/usr/sbin/sendmail -t -i -f webmaster@<tmpl_var name='domain'>" Please share any comments or advice.
How embarrassing! You are correct. In the new version the problem of "Went into /etc/php/fpm/pool.d and checked the config files. Noticed that there were two sendmail_path configuration." is not there. My bad.