Re: [exim] Apache <=> Exim

Top Page
Delete this message
Reply to this message
Author: Oliver Heesakkers
Date:  
To: Grant Peel, exim-users
Subject: Re: [exim] Apache <=> Exim
Op Thursday 31 July 2008 02:46:38 schreef Grant Peel:
> Hi all,
>
> I am thinking a script on one of my servers has a security hole in it. A
> few days ago, the server started sending out huge amounts of spam. I am yet
> to find the culprit.
>
> In the mean time, I am seeing thousands of mailq entries like:
>
> 2008-07-30 18:33:50 1KOKEw-000DG6-77 <= www@??? U=www P=local
> S=2625 T="God Has Chosen You" from <www@???> for
> junebug7004@???
>
> I am thinking that I would like to temporarily disble apache's sending of
> email (from FormMail scripts), until I can track down the offending script.
>
> Is there a way I can do it in Exim's configure?
>
> -Grant


For tracking down I use

php_value mail.force_extra_parameters -fPostmaster@???

in every VirtualHost on my server. This way the envelope-sender will tell
which VirtualHost is to blame for any problems and the occasional bounce will
bounce to the correct sender.

This will also work with PHP in safe-mode.