Date: Thu, 19 Sep 2013 23:37:41 +0100 From: Frank Leonhardt <frank2@fjl.co.uk> To: freebsd-questions@freebsd.org Subject: Re: how to tell which process call sendmail Message-ID: <523B7CB5.307@fjl.co.uk> In-Reply-To: <F76D6286C36C49BDB153CDF656C983F3@GLENN2> References: <F76D6286C36C49BDB153CDF656C983F3@GLENN2>
next in thread | previous in thread | raw e-mail | index | archive | help
On 19/09/2013 19:30, Glenn McCalley wrote: > So, some idiot is using a cgi or php or something to send mail out of > his website that he shouldn't be sending. With a bunch of sites on > the server, can't tell who. > I had a similar problem, but some time back and I can't remember *exactly* what I did. It was something like pointing mailer.conf to my own program which did some logging and then called the real sendmail. Actually, I might just have hacked mailwrapper directly. I think there was some way I managed to cross-reference to the httpd logs, or that might be what I tried to do and failed. Sorry - this may not be helping much. Another approach might be to find some likely text in the outgoing message and do a recursive grep on /home.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?523B7CB5.307>