Today one client told some of his client is sending spam from his server and want to track the abuser. The spamer may be using a PHP or Perl script. By default, PHP and Perl scripts run as user nobody, so it is impossible to know who is sending the spam emails if the sites URL is not in the spam email. For example if you host a site Domain-1.com and that site send spam mails for promoting another site Domain-2.com, we will not able to track such spam.
Spam is illegal and we have to prevent that, or shortly your Server IP will get black listed and data center will unplug the server as they don’t want to host illegal spamer.
So the solution is to run PHP and Perl scripts in Suexe mod. With Cpanel, you can enable this through WHM easily. But some of the pooerly coded scripts will not work with suexe.
The solutions are
suPHP
suPHP is a tool for executing PHP scripts with the permissions of their owners. It consists of an Apache module (mod_suphp) and a setuid root binary (suphp) that is called by the Apache module to change the uid of the process executing the PHP interpreter.
Replacing Sendmail with Perl/PHP script
More details can be found at
http://hostonnet.netfreehost.com/hostonnet-ftopic280.html
Modify PHP Source Code
This is done by editing mail.c file in PHP source code and install modified PHP on the server. This only work with PHP scripts that use mail function to send mail. If the PHP scripts use SMTP or sendmail directly, this will not work, most of the PHP scripts uses mail function to send emails.
Patch can be downloaded from
http://choon.net/php-mail-header.php
If you need any help in stop nobody spaming, check out our server administration service at
