View Single Post
Old 1st August 2011, 23:23
pititis pititis is offline
Senior Member
Join Date: Dec 2010
Location: München
Posts: 364
Thanks: 39
Thanked 89 Times in 68 Posts
Lightbulb More control over spam in shared hosting


First tip

I'm sure you know the issue with the php function mail(). To disable globally the function can be a problem because not all php based apps and contact forms allow smtp auth.

By default ispconfig use fast-cgi for the sites you created. Don't forget activate suexec when work with fast-cgi because scripts are executed with the user and group of the site owner. Well, from php version 5.3.0 we can use the directive mail.log to log who is calling the function mail(). When someone call the function mail from a php script we will find some info about the sender in our log. In this example I use ubuntu.

First edit your /etc/php5/cgi/php.ini and set the directive properly:

mail.log = /var/log/phpmail.log
phpmail.log is the name used in my example.

Then create the file
touch /var/log/phpmail.log
...and restart apache daemon

/etc/init.d/apache2 restart
Now send a email using a form or a simple script and test your log:

cat /var/log/phpmail.log
...and we can see the output:

mail() on [/var/www/clients/client11/web33/web/mail.php:9]: To: -- Headers: From:  Reply-To:  X-Mailer: PHP/5.3.2-1ubuntu4.9
It work, we know exactly who are sending what...

Second tip

Well, but what about the email subject? Will be wonderful to log the subjects. No problem we can log email subject header from all emails, no matter if they are send using mail() function or as normal authenticated smtp. Using ispconfig, just go to email->Content filter. Click to add a new content filter and select Header Filter, then set the Action field to:

Now wait a few minutes and send a test email. After that run

grep "warning: header" /var/log/mail.log
...and we get the next output:

Aug  1 18:54:55 server postfix/cleanup[23308]: 99BDC16A11B: warning: header Subject: second test from[]; from=<> to=<> proto=SMTP helo=<>
Reply With Quote
Sponsored Links