phpmailer log problem

Discussion in 'Tips/Tricks/Mods' started by ngoyette, Apr 2, 2012.

  1. ngoyette

    ngoyette New Member

    Hello,

    We recently discovered one of our hosted web sites was hacked,, and it was sending spam / fishing trough phpmailer :(

    i followed a howto to log sendmail.. : http://www.howtoforge.com/how-to-log-emails-sent-with-phps-mail-function-to-detect-form-spam

    it doesn't work even when i change /tmp/mail_log patch .. still no log ...

    is there a better way to log php mailer's ?
    how can i force my users to use the smtp server with login and credential instead of this?

    thank you


    btw i found this because email sent bounced back , and landed inside /var/mail/webX
     
  2. till

    till Super Moderator

    Which php version do you use? If its php 5.3, then logging is already built into php.
     
  3. pititis

    pititis Member

    Like Till said, if you are running php>5.3 try this:



    http://www.howtoforge.com/forums/showthread.php?t=53617

    You can also disable mail function in php globally, then each user must use smtp auth to send mail but not always is a good idea because maybe they are using software without smpt auth support. Anyway you can disable the mail function where is necessary (using the "custom php.ini settings" field in ispconfig->sites->web domains->webdomainname->options

    Example:
    Code:
    disable_functions = exec,passthru,popen,ini_set,system,show_source,shell_exec,proc_open,mail
    
    
    Cheers
     
    Last edited: Apr 3, 2012
  4. ngoyette

    ngoyette New Member

    yes using PHP Version 5.3.3-7+squeeze8

    i followed guide on other page, chown the file to root:adm and even tried chmod 777 nothing is writing in phpmail.log :(


    where can i find trace of error?
     
  5. pititis

    pititis Member

    try root:root
     
  6. ngoyette

    ngoyette New Member

    no dice,

    this is my test sendmail script:

    PHP:
    <?php
    mail
    ('test@hiddenmail.com','This is a test message subject','This is a test message body');
    echo 
    'Mail sent.';
    ?>
    i receive test mail...

    here is my config of /etc/php5/cgi/php.ini and /etc/php5/apache2/php.ini
    Code:
    mail.log = /var/log/phpmail.log
    the file /var/log/phpmail.log is root:root and 777,
    Code:
    -rwxrwxrwx  1 root        root              0 Apr  3 10:31 phpmail.log
    no idea why it doesn't log anything yet
     
  7. pititis

    pititis Member

    Did you restart apache?

    :D
     
  8. ngoyette

    ngoyette New Member

    stupid me :p

    yes thank you very much apreciated!!!
     
  9. pititis

    pititis Member

    Glad to help you!
     
  10. ngoyette

    ngoyette New Member

    now i need to secure the log?

    because its not login unless i 777 the file
    is this file write by client like webx/clientx ? or by apache itself?

    cause all my log files are 640 root:adm ...

    but doing so to phpmail.log not working :(
     
  11. falko

    falko Super Moderator

    If this log is used by just one website, you can use webx/clientx (if you use PHP via FastCGI/SuPHP/CGI) or the Apache user/group (mod_php) as the owners of the log. Otherwise only 777 will work, I guess.
     

Share This Page