Zalem Citizen
New Pleskian
Context: Microsoft 365 no longer allows basic SMTP authentication. To allow PHPmailer to send e-mails through M365 Exchange, we set up connectors granting access for one or more IPs, and configure PHPmailer to open an unauthenticated SMTP connection on port 25 / TLS.
It's unclear how PHPmailer / PHP / Plesk / Linux will decide which network interface will be used to establish the connection.
I tested that and on the same server, for the same SMTP connection parameters, 2 websites are using 2 different IPs.
So we decide to tell PHPmailer to bind to the interface we choose using something like:
PHP:
    $phpmailer->SMTPOptions = [
        'socket' => [
            // Local source address for the outgoing SMTP socket; port 0 lets the system pick the port
            'bindto' => "x.y.z.t:0",
        ],
    ];
But this may cause mail delivery to be broken when moving the website to another server, or just changing the IP used by the hosting subscription.
That's how I met the net_get_interfaces function.
On the one hand it will allow us to display in the application a warning message if the IP bound to PHPmailer does not match any of the IPs on the server.
On the other hand I realize that any website on the server (whose subscriptions are all configured in a chrooted environment) has access to the whole list of IPs of the server, most of which are IPs dedicated to one subscription only.
It seems to me a peculiar flaw: suppose one website executes corrupted code probing the IPs, using a common service like Reverse IP Lookup - All Names Hosted at an IP - DomainTools, then tries to find vulnerabilities of other websites...
Disabling the function is not an option, since, for my needs, I find it useful to get a list of IPs (namely the shared ones, and the one dedicated to the subscription).
So here is (finally, sorry) my question: is there a way to -maybe- bypass PHP and restrict the list of IPs shown by the net_get_interfaces() function?
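The check described in the post (warn when the address given in `bindto` is not configured on the server), sketched as an added example that is not part of the original post. The function names and the sample interface data are hypothetical and constructed; the array shape follows what `net_get_interfaces()` returns.

```php
<?php
declare(strict_types=1);

/** Extract the IP from a 'bindto' value: "ip:port", "[ipv6]:port" or a bare IP. */
function bindtoIp(string $bindto): ?string
{
    if (filter_var($bindto, FILTER_VALIDATE_IP) !== false) {
        return $bindto;                               // bare IPv4 or IPv6, no port
    }
    if (preg_match('/^\[([^\]]+)\](?::\d+)?$/', $bindto, $m)) {
        $ip = $m[1];                                  // "[2001:db8::1]:0"
    } else {
        $ip = preg_replace('/:\d+$/', '', $bindto);   // "192.0.2.10:0"
    }
    return filter_var($ip, FILTER_VALIDATE_IP) !== false ? $ip : null;
}

/** Collect every unicast IP in packed binary form, so textual variants compare equal. */
function localAddresses(array $interfaces): array
{
    $packed = [];
    foreach ($interfaces as $iface) {
        foreach ($iface['unicast'] ?? [] as $entry) {
            // Link-layer entries carry no 'address' key; skip them.
            if (isset($entry['address']) && filter_var($entry['address'], FILTER_VALIDATE_IP)) {
                $packed[] = inet_pton($entry['address']);
            }
        }
    }
    return $packed;
}

function bindAddressIsLocal(string $bindto, array $interfaces): bool
{
    $ip = bindtoIp($bindto);
    return $ip !== null && in_array(inet_pton($ip), localAddresses($interfaces), true);
}

// Constructed sample (documentation address ranges). On a live server use:
//   $interfaces = net_get_interfaces() ?: [];
$interfaces = [
    'lo'   => ['unicast' => [['family' => 17], ['family' => 2, 'address' => '127.0.0.1']], 'up' => true],
    'eth0' => ['unicast' => [['family' => 2, 'address' => '192.0.2.10'],
                             ['family' => 10, 'address' => '2001:db8::10']], 'up' => true],
];
foreach (['192.0.2.10:0', '[2001:DB8:0::10]:0', '198.51.100.7:0'] as $bindto) {
    $ok = bindAddressIsLocal($bindto, $interfaces);
    echo $bindto, $ok ? ': configured on this server' : ': WARNING, not a local address', PHP_EOL;
}
```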