I've had this sort of thing happen a few times, and I'm wondering if
anyone know's any way to figure it out, or prevent it:
You have say, 50 websites running on your webserver (mostly PHP, some
cgi). You start to notice your webserver is sending out HUGE amount of
email (which is spam). Looking at any of the messages in the mail
queue, you notice all the messages are coming from
www-data@host.mydomain.tld, so I know they are coming from apache, but
what site is it coming from!?!
I've been curious about running PHP under fastcgi w/apache2 with
FastCGIsuEXEC enabled for each site. From what I understand, doing
this would make the example I gave before send out mail from
(UID-SET)@host.mydomain.tld (rather then www-data) which would do
exactly as I'd want.
What's your experience with this sort of thing? Any suggestions?
Thanks...