Am 29.11.2012 23:32, schrieb Phil Pennock:
> For running with suphp, that means in Apache:
> SetEnv PHPRC /www/sites/%dirname/etc
>
> Once you have that, in the per-site php.ini you can set:
> mail.force_extra_parameters = -fwebmaster@???
>
> This lets you use local Sendmail-style submission, instead of SMTP, so
> in combination with a dedicated uid, means that you can identify the
> user. You can then use $originator_uid in the client authenticator for
> the outbound mail.
>
It may sound a bit rude.. it's just for your own systems safety :
The shown above works only, if the spam script is using mail() .
That's amateur spaming .. a nasty spam scripts forks itself of and uses
it's own SMTP-engine to send mails. They do it for exactly the reason to
hide the identity of the account they hacked. It's even worse sometimes,
when the hacker stores the script via ftp, calls it via http and deletes
it instantly via ftp again. If you run mod_php , your screwed so many
times :)
And hey, you can use perlscripts for spamming too, bypassing the little
protection php setups can give you :) if perl isn't available use ruby
or python.
it would be cool, if the firewall rules would implement a UID option ..
allow port 25 connections only if uid is in ( 0, 93 ) . That would
really help.
Marius
