On Sat, Aug 02, 2008 at 12:21:27AM +0100, Dave Evans wrote:
> Slightly OT, but you might want to disable mod_php - have php scripts run via
> suexec instead (like your Perl scripts do already). It's a performance hit,
> but it keeps things consistent (all user scripts run as that user), and it
> makes it easier to handle exactly this kind of spam-tracking problem.
>
> * Disallow CGI (Perl, PHP, whatever) scripts from connecting via SMTP. Force
> them to use /usr/sbin/sendmail if they want to send mail.
I forgot to point out that both of those are very much backwards-incompatible,
of course. Not to be undertaken lightly.
> * That way, all mail generated by user scripts arrives via the "not smtp"
> exim ACL, wherein you can do logging and adding of headers. See
> http://lists.exim.org/lurker/message/20060813.151359.326c5742.html for
> how to do this (requires embedded Perl in Exim).
However, that part you can do without fear of incompatibilities, and it should
help straight away, but only for mail which is being submitted via
/usr/sbin/sendmail - it won't help for mail submitted via SMTP.
--
Dave Evans
http://djce.org.uk/
http://djce.org.uk/pgpkey
