Re: [Exim] logging script names invoking exim

Top Page
Delete this message
Reply to this message
Author: Tim Jackson
Date:  
To: exim-users
Subject: Re: [Exim] logging script names invoking exim
On Tue, 11 Nov 2003 20:32:43 -0000 Jens-Ingo wrote:

> i would like to log in the mainlog the name (path) of cgi or php scripts
> invoking exim on our webservers. this should enable us to tell exactly
> which script has send what email.


I have thought the same thing would be useful, but I can't see any easy
way of doing it (certainly from the Exim side of things), because all Exim
sees is a user (www-data in your case) sending a mail. Also bear in mind
that if you allow SMTP from the local host, the scripts could also inject
mail by connecting to localhost:25, and there is no way Exim could
possibly find out what specific PHP script was doing it.

Though I haven't actually tried it (yet), I reached the conclusion that
the best way would probably be to create a small patch to PHP which hooked
into the mail() command and logged the details somewhere. I'd be
interested to know if you or anyone else has tried this or do try it in
future.

Of course, you'd also have to solve the problem of people just connecting
to localhost:25. If it's still essential that local SMTP is accepted, I
guess you could look into blocking the specific (Apache) user from sending
mails locally - I'm not sure offhand whether ident checking or a variation
thereof is possible for loopback TCP connections but if it is this might
do the trick.


Tim