On 14 Oct 2014, at 08:38 , Ben Johnson wrote:
> Basically, my concern is that most sites have a legitimate need to send
> email in one form or another (notices to admins, CMS system emails, new
> user registrations, web form submissions, etc.), so I'd need to
> whitelist virtually all of the uniqu
Noel Jones:
> To use more robust username/password authentication, you must use
> SMTP AUTH, which of course requires mail be submitted via SMTP
> rather than sendmail(1).
For submnission with /usr/sbin/sendmail:
/etc/postfix/main.cf
authorized_submit_users = !uid-of-hacked-acount, static:all
On 10/14/2014 9:38 AM, Ben Johnson wrote:
> So, your suggestion to use authorized_submit_users looks very attractive
> in that respect. But given that this facility only controls the system
> users who may submit mail, I'm left wanting for a means by which to
> control authentication requirements,
On 10/13/2014 9:04 PM, Noel Jones wrote:
> On 10/13/2014 6:54 PM, Ben Johnson wrote:
>> Hello!
>>
>> Is it possible to require authentication based on specific properties of
>> an MUA or its connection?
>>
>> I would like to require all connections that originate from the php-fpm
>> daemon (or its
On 10/13/2014 04:54 PM, Ben Johnson wrote:
> If there is a better way to deal with this nuisance than resorting to
> stricter authentication protocols, I would love to hear alternate
> suggestions. [php direct mailing]
Have you considered adding "system" to the list of disallowed function
calls?
On 10/13/2014 6:54 PM, Ben Johnson wrote:
> Hello!
>
> Is it possible to require authentication based on specific properties of
> an MUA or its connection?
>
> I would like to require all connections that originate from the php-fpm
> daemon (or its children) on the server in question to be forced