>I use PHP to send mail. Recently, emails originating >from the server stopped sending. After some >investigation, I looked at the /var/log/maillog file, >and saw the following errors when a mailing tried to >originate: > >Aug 29 13:16:10 x sendmail[1162]: g7TIGA001162: >SYSERR(apache): Can't create transcript file >./xfg7TIGA001162: Permission denied >Aug 29 13:16:10 x sendmail[1162]: g7TIGA001162: >SYSERR(apache): Cannot create ./dfg7TIGA001162: >Permission denied > >I looked in my mail queue directory, and there were >like 15,000 files...looked at a sample few of them, >and they were jibberish.
jibberish to you, perhaps, but I think some of those files are internal sendmail files. Don't mess with them if you can avoid it. Expect a ton of email to get sent when you fix this, though... :-) >Question 1: I'm assuming the error has something to do >with the chown/chgrp/chmod of the /var/spool/mqueue >directory? I don't know how this could have changed, >nothing was modified on the server. Currently: owner = >root, group = mail, permissions = rwx rx rx Look into sendmail.cf and find the line that has: Troot or something like that on it. That should be telling sendmail that 'root' is a "trusted" user and allowed to do the gnarly things that need to get done for email to get sent. There are probably other Trusted users like 'nobody' and, err, I dunno. Whatever. I'm not sure of the syntax for additional trusted users, but let's hope you have at least two (2) trusted users, because then adding another one is easy :-) >Question 2: Did I get hacked?? Maybe. Maybe not. Did you re-install sendmail? Did anybody dink around with sendmail.cf? Did you try to improve/increase security? Did you change the "User" setting in httpd.conf? There are a zillion things you could have done thinking it was a Good Idea that would have broken sendmail... If you changed the User in httpd.conf from 'nobody' to 'apache', for example, and 'nobody' is a 'Trusted' sendmail user, and 'apache' ain't, then 'nobody' can send email that 'apache' can't... The Bad News: I dunno how you're really supposed to fix the T in sendmail.cf... There's a sendmail.mc or somesuch which is an 'm4' file which you're supposed to edit and then re-generate the sendmail.cf from that... I'm not bright enough to do that, and just hacked sendmail.cf directly when I needed something. It's wrong, but it works, and I don't have the time to figure out this m4 stuff. Maybe next go-around. -- Like Music? http://l-i-e.com/artists.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
