Thx 4 the tip Till. I did try mod_sec a while back but found it difficult to control. Maybe I will give it another shot soon.
Does anyone know of a way to prevent a website accessing SMTP?
Maybe with a "Apache Directives" or "Custom php.ini settings"