Re: apache: what site is sending email from www-data
David MacKinnon wrote:
I've had this sort of thing happen a few times, and I'm wondering if
anyone know's any way to figure it out, or prevent it:
You can patch PHP to add a header to all mail sent via the mail()
function which says what script actually sent the email.. Very useful!
You have say, 50 websites running on your webserver (mostly PHP, some
cgi). You start to notice your webserver is sending out HUGE amount of
email (which is spam). Looking at any of the messages in the mail
queue, you notice all the messages are coming from
firstname.lastname@example.org, so I know they are coming from apache, but
what site is it coming from!?!
Quoted from site:
The header added has the form:
X-PHP-Script: <servername><php-self> for <remote-addr>
X-PHP-Script: www.example.com/~user/testapp/send-mail.php for 10.0.0.1
Hope that helps.
Thank you all for your responses! I'm going to start testing now. :)