folks, first post/patch, please be gentle <g>.
hosting companies using mod_php have a *very* hard time preventing and tracking abuse of mail(). when sendmail is invoked from a suexeced cgi script, we get the username. with mod_php mail(), we get a big fat nothing, a ton of spam in the spool and a bunch of abuse reports from ticked off victims. we then go on a grepping witchhunt, which is hardly a workable option on a busy production box.

the patch i am including below appends an X-AntiAbusePHP: /path/to/script/which/is/spewing header to all messages sent through mail(). while we will be actively parsing that header in our sendmail replacement script, leaving the username only and throttling/limiting based on per-user sending thresholds, those who do not go that far to be good netizens will at least be able to identify the source of spewage post mortem.

we already have iptables ACLs in place to prevent unauthorized connections to remotehost:25, but most people can not implement that, so the socket calls may be my next mutilation target. with that said, it would be much more intrusive (hence likely unsuitable for addition into the core) and i thought it would be more prudent to test the waters with a trivial patch, since i am likely to have done something wrong/contrary to the php way of doing things.

i would think this {sh,c}ould be ifdefined, but being unfamiliar with the status quo policy on that and considering that the patch has a fair chance of being unwelcome, i did not pursue it.

cheers,
paul

diff -ru php-4.3.6/ext/standard/mail.c php-4.3.6.abuse1/ext/standard/mail.c --- php-4.3.6/ext/standard/mail.c 2004-01-08 20:35:58.000000000 -0500 +++ php-4.3.6.abuse1/ext/standard/mail.c 2004-05-30 08:27:55.000000000 -0400 
@@ -87,6 +87,8 @@ int to_len, message_len, headers_len; int subject_len, extra_cmd_len, i; char *to_r, *subject_r; + char *exec_file=NULL; + int abuseh_len=0, got_headers=0; if (PG(safe_mode) && (ZEND_NUM_ARGS() == 5)) { php_error_docref(NULL TSRMLS_CC, E_WARNING, "SAFE MODE Restriction in effect. The fifth parameter is disabled in SAFE MODE."); @@ -103,6 +105,18 @@ return; } + got_headers = headers ? 1 : 0; + exec_file= zend_get_executed_filename(TSRMLS_C); + /* add 2 [strlen("\r\n")] _if_ we are appending to preexisting headers */ + abuseh_len = (got_headers*2) + strlen(ABUSE_HEADER_TAG) + strlen(ABUSE_HEADER_SRC) + strlen(exec_file); + headers = got_headers ? erealloc(headers, headers_len + abuseh_len + 1) : emalloc(abuseh_len + 1); + if(got_headers) strcat(headers, "\r\n"); + strcat(headers, ABUSE_HEADER_TAG); + strcat(headers, ABUSE_HEADER_SRC); + strcat(headers, exec_file); + headers_len += abuseh_len; + + if (to_len > 0) { to_r = estrndup(to, to_len); for (; to_len; to_len--) { diff -ru php-4.3.6/ext/standard/php_mail.h php-4.3.6.abuse1/ext/standard/php_mail.h --- php-4.3.6/ext/standard/php_mail.h 2002-12-31 11:35:33.000000000 -0500 +++ php-4.3.6.abuse1/ext/standard/php_mail.h 2004-05-30 08:26:59.000000000 -0400 @@ -24,6 +24,9 @@ PHP_FUNCTION(mail); PHP_MINFO_FUNCTION(mail); +#define ABUSE_HEADER_TAG "X-AntiAbusePHP: Added to track PHP abuse, please include with any abuse report\r\n" +#define ABUSE_HEADER_SRC "X-AntiAbusePHP: This message was sent through " + #if HAVE_SENDMAIL PHP_FUNCTION(ezmlm_hash); -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php
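Review bot: In the mail.c hunk at -103, when no headers argument is passed the buffer comes from emalloc(abuseh_len + 1) and the first write into it is strcat(headers, ABUSE_HEADER_TAG), which searches uninitialized memory for a terminator; set headers[0] = '\0' before the first strcat, or build the string with memcpy at known offsets. In that same branch headers_len is used in headers_len += abuseh_len although the context line declares it without an initializer (int to_len, message_len, headers_len;), so assign it explicitly when headers is NULL. The erealloc(headers, ...) call also assumes headers is a block this function owns; if it still points at the caller's argument string, copy into a fresh buffer instead and free it after the send. Finally, exec_file is copied into the header block unchecked, so a path containing CR or LF would break the header; reject or escape those bytes.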
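Review bot: In the php_mail.h hunk, ABUSE_HEADER_SRC is completed in mail.c with the full path from zend_get_executed_filename(), so every recipient of a message sent through mail() learns the server's filesystem layout; emit only what an abuse desk needs, or make the value configurable. Both defines are also unconditional, so the header cannot be switched off at build or run time; a configure switch or ini setting, in line with the ifdef remark in the message, would let sites opt in. Unprefixed names such as ABUSE_HEADER_TAG in a shared header can collide with other definitions; a PHP_MAIL_ prefix would be safer.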
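The sendmail-replacement step the message describes (parse the header, leave only the username, limit per user), sketched as an added example that is not part of the original post or of PHP. The /home/<user>/ layout, the limit of 2, the function names and the sample message are assumptions.

```python
import re
from email import message_from_bytes

HEADER = "X-AntiAbusePHP"
SRC_PREFIX = "This message was sent through "  # wording of the patch's ABUSE_HEADER_SRC
HOME_RE = re.compile(r"^/home/([a-z_][a-z0-9_-]*)/")  # assumption: scripts live in /home/<user>/
LIMIT = 2  # assumption: messages allowed per user per counting window


def script_owner(msg):
    """Username taken from the last path-bearing X-AntiAbusePHP header, else None.

    The patch appends its header after whatever the script supplied, so an
    earlier copy of the header may be script-controlled; only the last is used.
    """
    paths = [v[len(SRC_PREFIX):].strip() for v in msg.get_all(HEADER, [])
             if v.startswith(SRC_PREFIX)]
    m = HOME_RE.match(paths[-1]) if paths else None
    return m.group(1) if m else None


def filter_message(raw, sent):
    """Return (user, allowed, rewritten_bytes) for one message.

    `sent` is a dict of per-user counts; a real wrapper would persist it
    between invocations and reset it when the counting window expires.
    """
    msg = message_from_bytes(raw)
    user = script_owner(msg) or "unknown"
    del msg[HEADER]       # removes every X-AntiAbusePHP line, path included
    msg[HEADER] = user    # recipients see the account name only
    sent[user] = sent.get(user, 0) + 1
    return user, sent[user] <= LIMIT, msg.as_bytes()


# Constructed sample: a script-supplied forged header, then the two header
# lines the patched mail() appends.
SAMPLE = (
    b"To: someone@example.org\n"
    b"Subject: hello\n"
    b"X-AntiAbusePHP: This message was sent through /home/bob/innocent.php\n"
    b"X-AntiAbusePHP: Added to track PHP abuse, please include with any abuse report\n"
    b"X-AntiAbusePHP: This message was sent through /home/alice/public_html/form.php\n"
    b"\n"
    b"body text\n"
)
```

The wrapper would hand `rewritten_bytes` to the real sendmail binary when `allowed` is true and queue or reject the message otherwise.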