sending mail without the mail() function?

[bingo123]

Hi, I'm looking for some help.  I manage a small web server which is used for some student's personal pages as well as school projects.  Recently a couple of the students have started up a bit of a spamming project using apache & php, which they promptly deleted.    The server already blocks the mail() as well as several others (specifically phpmailer,mail,dl,exec,passthru,shell_exec,system,pcntl_exec) but they have still been able to use php to send mail.  The mail did not seem to go through our email server, exim, because it didn't show in the logs, however it did get out.  I'm wondering if anyone can help me with some information on alternate methods these students may have used to send mail using php without the above functions, so that I can hopefully block this from happening in the future.  I'm not a php expert, and have only done very basic work with it. Note: the server itself does also function as a mail server, so I don't believe a solution using a firewall to block ports or something like that will work.  Thanks very much.

 

[trq]

You will want to take a look at and block the socket functions.