Hi guys, just wondering how different hosts keep the spammers at bay. We have tried everything short of doing script breaks to disallow mail sent via php. What do you all do to prevent this type of abuse? Im seriously considering just removing the phpmail function..whats your opinions on this?

We limit emails sent per hour. It really does work well, we get to see who is sending out more emails than they are meant to be.

Do you guys manage this via tweak settings or do you do this in a different manner? And if so do you mind sharing how you accomplished this?

A few 3rd party modifications.

WHMXtra is a great help to prevent spam.

Thanks for the information Richard ill have a look into this script..

Ok so i got things under control we are getting WHMXtra to negate this sort of activity. Also we installed a patch for php that allows you to see the source of the SPAM, makes it alot easier for admins to track this sort of thing down. Heres the link here

http://choon.net/php-mail-header.php

Thanks to all that helped me out..this thread can be closed for informational archive now :D

Have you considered using smtp authentication? Then a username/password is required for sending email. You have to set the mail server up for it. You will need to use strong passwords too.
http://email.about.com/od/emailprogrammingtips/qt/et073006.htm

Also you will need to use a separate mail server, not localhost.
Setup your firewall to only allow connections out on port 25 to your email server.

You could also use Virtual Private Servers on the same box, run Apache on one and Mail server on the other, and only allow connections from Apache ip address to email server ip address on port 25, still using smtp auth.
Uh, this is *nix, right?

They will still try of course.

I use the same method as hosting-shack. I limit messages per hour by 1 domain. I find it the easiest and cheapest solution.

Here is another good way to deal with spam and a little easier to setup.
http://wiki.apache.org/spamassassin/AssassinDeamon
It won't stop spammers from running the scripts though, just keep the email from being delivered.