On 14 Oct 2014, at 08:38 , Ben Johnson <b...@indietorrent.org> wrote: > Basically, my concern is that most sites have a legitimate need to send > email in one form or another (notices to admins, CMS system emails, new > user registrations, web form submissions, etc.), so I'd need to > whitelist virtually all of the unique PHP users, thereby mitigating the > usefulness of this type of control (and perhaps even creating additional > administrative overhead).
You simply make them use standard libraries and authenticated SMTP. FSVO of “simply”, of course. > I missed the "uid=5027"! How foolish of me! *** pssschk!!! slaps own > face *** > > This ties the abuse to a particular website, which is all I really > wanted. So, THANK YOU! Glad you got it sorted. The last time this happened to me with php I had a lot more trouble finding the source of the problem. Now I have all the web stuff on a separate machine from the mail, so it is not possible for web sites to send mail without doing it properly or using someone else’s mail server. -- 'I'm just going to kick some arse dear' 'Oh, good. Just be sure you wrap up well, then.'
