Am 3. August 2019 09:25:29 MESZ schrieb DL via Exim-users >2019-07-29 06:40:30 cwd=/home/nordic/public_html 4 args: >/usr/sbin/sendmail -t -i -p125
Just btw., i would not allow any PHP / LAMP stack in a typical (especially shared) hosting-environment to use the "old" console based access to the "sendmail" emulator/binary and would primwrily force to use SMTP with SMTP-Auth instead. This has several pros, because the attacker can't use shell escapes and can't create/form emails out of that Your SMTP "allows" and a lot of typical bugs or "spam filter problems" (false positives at recipient side) die to bogus / "crappy" declared emails could be prevented this way. And by changing the SMTP users password, You can easily block further usage by the existing relaying / hacked script or (depending from the hack vector) a hacker need to steal the PW from the code or db to use the mailer/relay. For the application / user: using real SMTP provides more control in case of any errors / failures as woking rate-limiting (i.e. in a typical form-mailer). From my experience, any (at least half baken) LAMP/PHP scripts / apps with "email functionality" provide the usage of real SMT today, because many hosters - for security reasons - provide only external SMTPs. hth a bit in any way. just my .02$, niels. -- Niels Dettenbach Syndicat IT & Internet https://www.syndicat.com -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
