View Single Post
  #1  
Old 1st August 2011, 22:23
pititis pititis is offline
Senior Member
 
Join Date: Dec 2010
Location: München
Posts: 364
Thanks: 39
Thanked 90 Times in 68 Posts
Lightbulb More control over spam in shared hosting

Hi,

First tip

I'm sure you know the issue with the php function mail(). To disable globally the function can be a problem because not all php based apps and contact forms allow smtp auth.

By default ispconfig use fast-cgi for the sites you created. Don't forget activate suexec when work with fast-cgi because scripts are executed with the user and group of the site owner. Well, from php version 5.3.0 we can use the directive mail.log to log who is calling the function mail(). When someone call the function mail from a php script we will find some info about the sender in our log. In this example I use ubuntu.

First edit your /etc/php5/cgi/php.ini and set the directive properly:

Code:
mail.log = /var/log/phpmail.log
phpmail.log is the name used in my example.

Then create the file
Code:
touch /var/log/phpmail.log
...and restart apache daemon

Code:
/etc/init.d/apache2 restart
Now send a email using a form or a simple script and test your log:

Code:
cat /var/log/phpmail.log
...and we can see the output:

Code:
mail() on [/var/www/clients/client11/web33/web/mail.php:9]: To: muster@domain.net -- Headers: From: webmaster@yahoo.com  Reply-To: webmaster@example.com  X-Mailer: PHP/5.3.2-1ubuntu4.9
It work, we know exactly who are sending what...

Second tip

Well, but what about the email subject? Will be wonderful to log the subjects. No problem we can log email subject header from all emails, no matter if they are send using mail() function or as normal authenticated smtp. Using ispconfig, just go to email->Content filter. Click to add a new content filter and select Header Filter, then set the Action field to:

Code:
/^Subject:/
Now wait a few minutes and send a test email. After that run

Code:
grep "warning: header" /var/log/mail.log
...and we get the next output:

Code:
Aug  1 18:54:55 server postfix/cleanup[23308]: 99BDC16A11B: warning: header Subject: second test from mailout-muster.domain.net[111.111.111.111]; from=<musterman@ich.net> to=<webmaster@yahoo.com> proto=SMTP helo=<xxx.net>
Cheers
Reply With Quote
Sponsored Links