apache: what site is sending email from www-data
I've had this sort of thing happen a few times, and I'm wondering if
anyone know's any way to figure it out, or prevent it:
You have say, 50 websites running on your webserver (mostly PHP, some
cgi). You start to notice your webserver is sending out HUGE amount of
email (which is spam). Looking at any of the messages in the mail queue,
you notice all the messages are coming from firstname.lastname@example.org,
so I know they are coming from apache, but what site is it coming from!?!
I've been curious about running PHP under fastcgi w/apache2 with
FastCGIsuEXEC enabled for each site. From what I understand, doing this
would make the example I gave before send out mail from
(UID-SET)@host.mydomain.tld (rather then www-data) which would do
exactly as I'd want.
What's your experience with this sort of thing? Any suggestions?