Re: [exim] Feature req: env var logging

Top Page
Delete this message
Reply to this message
Author: Dave Evans
Date:  
To: exim-users
Subject: Re: [exim] Feature req: env var logging
On Sun, Aug 13, 2006 at 04:31:55PM +0200, Phil Pennock wrote:
> On an Exim receive (<=) line, the ability to log the value of a
> specified environment variable.
>
> Rationale: PHP webhosting, which on Unix uses "sendmail" for submission,
> rather than talking SMTP, so the web-server's environment variables will
> be visible (by hook or by crook). So if I can log the $REQUEST_URI in
> _Exim_'s logs, it should become *much* easier to track down the page
> which is being abused by spammers. Sometimes, with large badly-written
> PHP applications it can be difficult to tell from the web-server logs
> where the hole is.


This may or may not be any use to you; I tried this on a test box and it
worked for me:

perl_startup = sub return_env { return $ENV{$_[0]} }

acl_not_smtp:

    accept
        logwrite = FOO=${perl{return_env}{FOO}}
        add_header = X-CGI-Env: FOO=${perl{return_env}{FOO}}


On our older web hosting box we had /usr/sbin/sendmail as a wrapper script
which injected extra headers (based on REQUEST_URI etc) before running the
real MTA. However in light of your email, and my quick test above, I think I
might find a better way of doing it on our newer web hosts :-)

Good luck tidying up after the PHP wannabes.

--
Dave Evans
Power Internet

PGP key: http://powernet.co.uk/~davide/pgpkey