Search

Language:  
Search for:

Available article translations:

Many email messages are sent from PHP scripts on the server. How can I find the domains on which these scripts are running?

APPLIES TO:
  • Parallels Plesk Panel for Linux/Unix

Resolution

Note: This article is for Qmail, if you are using Postfix mail server see this article instead:

114845 Many email messages are sent from PHP scripts on the server. How can I find the domains on which these scripts are running if I am using Postfix? Warning: using this method may increase server load due to additional steps of processing for each message submitted to local mail server. If you experience problems with high server load after applying instructions on step #2, revert them using instructions in step #3.

There is a way to determine from what folder the PHP script that sends mail was run. Note: Depending on your OS and Plesk version, the paths can slightly differ from those listed below.

1) Create a /var/qmail/bin/sendmail-wrapper script with the following content:

#!/bin/sh
(echo X-Additional-Header: $PWD ;cat) | tee -a /var/tmp/mail.send|/var/qmail/bin/sendmail-qmail "$@"

Note, it should be two lines including #!/bin/sh

2) Create a log file /var/tmp/mail.send and grant it "a+rw" rights; make the wrapper executable; rename old sendmail; and link it to the new wrapper:

~# touch /var/tmp/mail.send
~# chmod a+rw /var/tmp/mail.send
~# chmod a+x /var/qmail/bin/sendmail-wrapper
~# mv /var/qmail/bin/sendmail /var/qmail/bin/sendmail-qmail
~# ln -s /var/qmail/bin/sendmail-wrapper /var/qmail/bin/sendmail

3) Wait for an couple hours and change back sendmail:

~# rm -f /var/qmail/bin/sendmail
~# mv /var/qmail/bin/sendmail-qmail /var/qmail/bin/sendmail

Examine the /var/tmp/mail.send file. There should be lines starting with "X-Additional-Header:" pointing to domain folders where the scripts which sent the mail are located. You can see all the folders from where mail PHP scripts were run with the following command:

~# grep X-Additional /var/tmp/mail.send | grep `cat /etc/psa/psa.conf | grep HTTPD_VHOSTS_D | sed -e 's/HTTPD_VHOSTS_D//' `

If you see no output from the above command, it means that no mail was sent using the PHP mail() function from the Plesk virtual hosts directory.

If /var/tmp/mail.send file conatin only

X-Additional-Header: /var/www

without pointing to particular domains folder, change permissions for Perl binary:

~# chmod 700 /usr/bin/perl

Search words:

spam abuse

spam attack

how to trace spam source

Abuse: Spam complaint from UOL




49af2da0f2dd4c81e962790bbbd0c2b4 56797cefb1efc9130f7c48a7d1db0f0c 5d735c0e028ee5b991e4fb80d34fb87f

FEEDBACK
Was this article helpful?
Tell us how we may improve it.
Yes No
 
 
 
 
 
 
Desktop Virtualization
- Parallels Desktop 9 for Mac
- Parallels Transporter
- Parallels Desktop Switch to Mac Edition
- Parallels Desktop for Mac Enterprise Edition
- Parallels Management-Mac for Microsoft SCCM
Server Virtualization
- Parallels Cloud Server
- Parallels Containers for Windows 6.0 Beta
- Parallels Virtuozzo Containers
Automation
- Parallels Automation
- Parallels Automation for Cloud Infrastructure
- Parallels Business Automation Standard
- Parallels Virtual Automation
- Parallels Plesk Panel Suite
- Web Presence Builder
- Parallels Plesk Automation
- Parallels Small Business Panel
- Value-added Services for Hosters
- Parallels Partner Storefront
Services & Resources
- Cloud Acceleration Services
- Professional Services
- Support Services
- Training & Certification