How to remove phpmail for only one domain?

  • Quote

    As you can see here, the permit_mynetworks restriction is evaluated before the permit_sasl_authenticated
    restriction. Thus, any customers that are using a PHP SMTP client can
    send mails through your local network without any authentication as long
    they fit the restrictions that appear before the permit_mynetworks restriction.
    Here, you can easily solve the problem by moving the permit_mynetworks restrictions below the permit_sasl_authenticated restrictions, and by restarting Postfix. I'll surely do this for next release anyway

    If i do it....phpmail doesnt work isn´t??? (becasuse it doesnt authenticate itself...)

  • Phpmailer can authenticate itself, but usually the attacker doesn't know the mail-password and relies on mail-relaying without authentication.