How to Stop PHP nobody Spammers



Spam is one heck of a headache if you’re running a shared server or even a dedicated server. Though exim maintains a log file of all mails sent, it doesn’t really give you much info when mails are sent via PHP’s mail function. This is because PHP and Apache simply don’t keep track of these emails, even though 99% of mails sent via PHP use the built-in mail function.

To solve this problem, here’s a quick and simple solution to know who ‘nobody’ really is. By the way, this solution assumes that you’re using Apache, PHP and Exim. Also, this solution was tested only on a cPanel/WHM system.
Note: You will need root access to your server to do this.

1. SSH to your server as root

2. Stop Exim for a while:

/etc/init.d/exim stop

3. Backup your original sendmail file:

mv /usr/sbin/sendmail /usr/sbin/sendmail.hidden

4. Create our sendmail hook:

pico /usr/sbin/sendmail

- and paste the following -

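#!/usr/local/bin/perl
# sendmail hook: log who is sending mail, then pass the message to the real sendmail
use strict;
# Import only the variables we read, so the script compiles under strict
use Env qw(REMOTE_ADDR SCRIPT_NAME SERVER_NAME PWD);
my $date = `date`;
chomp $date;
open (INFO, ">>/var/log/spam_log") || die "Failed to open file ::$!";
# Effective UID of the caller and its passwd entry
my $uid = $>;
my @info = getpwuid($uid);
if($REMOTE_ADDR) {
    # Called from a web request: log the client IP, the script and the virtual host
    print INFO "$date - $REMOTE_ADDR ran $SCRIPT_NAME at $SERVER_NAME \n";
}
else {
    # No web environment: log the working directory and the account details
    print INFO "$date - $PWD - @info\n";
}
my $mailprog = '/usr/sbin/sendmail.hidden';
# List-form pipe open: the arguments go straight to the real sendmail
# and are never parsed by a shell
open (MAIL, '|-', $mailprog, @ARGV) || die "cannot open $mailprog: $!\n";
while (<STDIN>) {
     print MAIL;
}
close (INFO);
close (MAIL);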

5. Make our sendmail hook executable:

chmod +x /usr/sbin/sendmail

6. Protect our sendmail hook from being overwritten:

chattr +i /usr/sbin/sendmail

7. Create our log file:

touch /var/log/spam_log; chmod 0644 /var/log/spam_log

8. Start Exim again:

/etc/init.d/exim start

9. Add your log file to log rotation:

pico /etc/logrotate.conf

- search for -

/var/log/wtmp {
     monthly
     create 0664 root utmp
     rotate 1
}

- add this below -

# SPAM LOG rotation
/var/log/spam_log {
     monthly
     create 0777 root root
     rotate 1
}

That’s it! Now, you can view your log file at /var/log/spam_log and track down those spammers.
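
Once entries accumulate, reading the raw log gets slow. The shell function below is an added example, not part of the original post: it tallies entries by virtual host and script (web requests) or by account and working directory (everything else), most frequent first. The function names and the sample log lines are constructed for illustration, and the line layout is assumed to be exactly what the hook above writes.

```sh
#!/bin/sh
# Added example: summarise the log written by the sendmail hook.
# The hook writes two line layouts:
#   <date> - <REMOTE_ADDR> ran <SCRIPT_NAME> at <SERVER_NAME>
#   <date> - <PWD> - <passwd fields of the calling user>

spam_summary() {
    # $1 = log file; prints "<count> <kind> <sender>", highest count first
    awk -F' - ' '
        NF >= 2 && $2 ~ /^[^ ]+ ran [^ ]+ at [^ ]+/ {
            split($2, w, " ")        # w[1]=client IP, w[3]=script, w[5]=vhost
            n["web " w[5] w[3]]++
            next
        }
        NF >= 3 {
            split($3, p, " ")        # p[1]=account name from getpwuid
            n["cli " p[1] ":" $2]++
            next
        }
        { n["unparsed -"]++ }        # keep malformed lines visible in the tally
        END { for (k in n) print n[k], k }
    ' "$1" | sort -k1,1nr -k2
}

top_sender() {
    # The single most frequent sender, as "<kind> <sender>"
    spam_summary "$1" | head -n 1 | cut -d' ' -f2-
}

sample_log() {
    # Constructed sample entries (documentation IPs and example domains)
    cat <<'EOF'
Mon Nov 20 10:15:01 PST 2006 - 203.0.113.5 ran /contact.php at www.example.com
Mon Nov 20 10:15:02 PST 2006 - 203.0.113.5 ran /contact.php at www.example.com
Mon Nov 20 10:15:04 PST 2006 - 198.51.100.7 ran /contact.php at www.example.com
Mon Nov 20 10:16:00 PST 2006 - /home/exampleuser/public_html/forum - nobody x 99 99   Nobody / /sbin/nologin
Mon Nov 20 10:17:30 PST 2006 - 192.0.2.9 ran /blog/form.php at shop.example.net
EOF
}

# Usage: sh spam_summary.sh /var/log/spam_log
if [ $# -gt 0 ]; then
    spam_summary "$1"
fi
```

A script that tops the list with many different client IPs behind it is usually an abused form or an uploaded mailer, and the virtual host tells you which account to look at.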




November 20, 2006 · Posted in Technology  
    
