> however, configure your applications to use port 587 and close 25 > on 127.0.0.1 may be the easier way to achieve the goal which is > no problem with iptables
excellent solution! thanks :-) > if it is pickup than disable "mail" and a lot of other dangerous PHP > functions in php.ini I've "only" these: disable_functions = phpinfo,exec,shell_exec,pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,system,proc_open,popen,curl_exec,curl_multi_exec,parse_ini_file,show_source so I'll add yours! Is there a complete index of functions that I can check if allow or deny? Many thanks for help! Pol > disable_functions = "apache_child_terminate, chown, dl, exec, fileinode, > get_current_user, getmypid, getmyuid, > getrusage, highlight_file, link, mail, openlog, passthru, pclose, > pcntl_alarm, pcntl_errno, pcntl_exec, pcntl_fork, > pcntl_get_last_error, pcntl_getpriority, pcntl_setpriority, > pcntl_signal_dispatch, pcntl_signal, pcntl_sigprocmask, > pcntl_sigtimedwait, pcntl_sigwaitinfo, pcntl_strerror, pcntl_wait, > pcntl_waitpid, pcntl_wexitstatus, > pcntl_wifexited, pcntl_wifsignaled, pcntl_wifstopped, pcntl_wstopsig, > pcntl_wtermsig, pfsockopen, popen, > posix_kill, posix_mkfifo, posix_setpgid, posix_setsid, posix_setuid, > proc_close, proc_get_status, proc_nice, > proc_open, proc_terminate, shell_exec, show_source, socket_accept, > socket_bind, symlink, syslog, system" >