What is the best way to prevent developers from accessing the email SMTP information for an account we'd like to use for sending emails to customers?
I am thinking of using the native mail()
function in PHP, and setup the credentials outside the code, in the php.ini file where the developers have no access.
The problem now is that the sysadmin can see the password. I am wondering if there's such thing as SMTP authentication using the OAuth tokens or something similar.