Dear professionals I need your help.
How to security solve this task?
One of my clients need to send e-mail from web form. He uses smtp.office365.com.
If I add "nobody" to SMTP_ALLOWUSER, he can do what he wants.
No I wander if is't ok to add "nobody" to SMTP_ALLOWUSER?
Wasn't it better to allow connection to smtp.office365.com?
If yes, how to add host name (instead of IP) into allow list?
how to allow smtp.office365.com in csf?
Re: how to allow smtp.office365.com in csf?
I'd recommend adding the username of the specific cPanel user looking to connect outbound. That'd be a more secure option than simply allowing nobody (anyone).