[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

RE: PHP mail spam

Carlos Acedo <mailto:carlos@pangea.org> wrote on Wednesday, May 23, 2007
11:04 AM:

> Ok, I finally mange to compile it by my self, it was not too
> hard after
> all, besides, packages at dotdeb are too new for my sarge, that
> would make me reinstall all php packages.

Look into you phpinfo(), check if suhosin is active and
"suhosin.mail.protect" is set to "1".

Configure the logging right that it logs into a file or the sapi error
handler. See suhosin logging config items.

Then make simple test script that injects a "\nblah" into the Subject line
and mail() it.

Then you should see "ALERT" ... in your log and you know that the attack was
successfully averted.


Mit freundlichen Grüßen
Soenke Ruempler

NorthClick GmbH

Gasstr. 10 - 22761 Hamburg
Tel.: 040 8 22 44 999 - Fax: 040 8 22 44 998
Internet: http://www.northclick.de/

Geschäftsführer: F. Detzner | M. Henze | C. Springub
Amtsgericht Hamburg, HRB 94459

Reply to: