In software products, having features that you don’t need is generally a good thing. However, if an unneeded feature is causing more harm than good, then it’s probably a good idea to completely disable it.
For example, one of Joomla’s features is the ability to send e-mail (the mail sending functionality is used for notifications, newsletters, password resets, etc…), but, unfortunately, the word “mail” is a spammer magnet, and that’s why spammers often exploit Joomla’s mail feature to spam people.
Securing your Joomla website and keeping its core and all your extensions up-to-date may prevent that. But, what if you don’t have the experience to do that? Or what if you can’t afford to hire someone to do it for you? Should you ignore the issue? Should you turn a blind eye to the fact that your website is used to spam people? If you do, then rest assured that your host won’t, and at one point, they will shut down your site completely because it will harm the reputation of their entire network. Oh, and by the way, they will shut down your website before letting you know (hosting companies, by the way, are very rigid when it comes to spam).
So, what you should do to prevent your Joomla site from sending out spam emails?
Well, you have 2 options:
- Keeping your website and extensions up-to-date and ensuring that your website is not hacked.
-
Disabling Joomla’s mail functionality.
Assuming you can’t go with option #1 for one reason or another, how can you completely disable Joomla’s mail functionality?
Well, it’s very simple. Here’s how to do this:
- Open the phpmailer.php file located under the libraries/phpmailer folder under your Joomla directory.
-
Go to this line in the code (should be line 585 in Joomla 2.5):
public function Send() {
-
Add the following line just below it:
return true;
-
Save the file and upload it back.
-
That’s i!
Once you do the above, then your Joomla website won’t be able to send any mail, which means that even your contact us page won’t work. So, you should only do this if you don’t expect any legitimate mail to be sent from your Joomla website.
Also keep in mind that you’ll be changing a core file, which means that a future Joomla update may overwrite your changes (so, you’ll need to do these changes again).
If your website is sending out spam and you need help shutting down the Joomla mailing feature, then try implementing the above. It should work, but if, for any reason, it doesn’t work, or if you need help implementing it, then please contact us. We’ll do it for you in no time and for a very affordable fee!
I have a problem: our website goes down every few days after receiving a mail from the hosting company that it has been hacked!
Some files get quarantined and after that the hosting company completely shuts down the website and deletes all the files in public folder which are related to the Joomla.
Hi Ahmed,
We have already contacted you. Typically the hosting company should give its clients at least 24 hours to address the problem before shutting down the website and should never, ever delete files (unless they are purely malicious files).
Thanks for your input on how to disable mailing on a J!2.5 site. It was precious to help me put a temporary stop to spamming while I was mending my site security.
I think it would be also useful to know how to disable the same function in Joomla 3.5.
I have done it by editing the file /libraries/vendor/phpmailer/phpmailer/class.phpmailer.php
I went to the line reading
public function postSend
{
(line 1291-1292 in my case)
and added the line
return true;
immediately after the curly parentheses on line 1292.
It appears to work. Do you have any better idea on how to do it?
Thanks.
Hi Fabrizio,
The file that you changed is the correct one. However, you should add this line at the very beginning of the function send, so, just after:
public function send()
{
Add this line:
return true;