RE: PHP mail spam

To: "'Carlos Acedo'" <carlos@pangea.org>
Cc: <debian-isp@lists.debian.org>
Subject: RE: PHP mail spam
From: "Soenke Ruempler - NorthClick " <soenke.ruempler@northclick.de>
Date: Tue, 22 May 2007 12:43:09 +0200
Message-id: <[🔎] 001501c79c5d$fd516510$1002a8c0@kellerautomat>
In-reply-to: <[🔎] 4652C7A4.5010904@pangea.org>

Hi Carlos,

Carlos Acedo <mailto:carlos@pangea.org> wrote on Tuesday, May 22, 2007 12:36
PM:

> My server is being used by spammers who inject mail headers in php
> scripts to send spam, I have tried mod-security to block those
> injections but still remains. 
> 
> Is there a way to block this php header injections once for all?
> I've been thinking about suPHP, but this will only tell me
> where is the
> 'hole'
> 
> Any solution?

Use suhosin protection, it has email spam protection as it doesn't allow
newlines in headers:

# apt-get install php5-suhosin

Unfortunately the website suhosin.org is down atm - however if up again:

http://www.hardened-php.net/suhosin/index.html

-- 

Mit freundlichen Grüßen
Soenke Ruempler
Development

NorthClick GmbH

Gasstr. 10 - 22761 Hamburg
Tel.: 040 8 22 44 999 - Fax: 040 8 22 44 998
Internet: http://www.northclick.de/

Geschäftsführer: F. Detzner | M. Henze | C. Springub
Amtsgericht Hamburg, HRB 94459

Reply to:

Follow-Ups:
- Re: PHP mail spam
  - From: Carlos Acedo <carlos@pangea.org>

References:
- PHP mail spam
  - From: Carlos Acedo <carlos@pangea.org>

Prev by Date: PHP mail spam
Next by Date: Re: PHP mail spam
Previous by thread: PHP mail spam
Next by thread: Re: PHP mail spam
Index(es):
- Date
- Thread