ID: 19538
User updated by: [EMAIL PROTECTED]
Reported By: [EMAIL PROTECTED]
Status: Assigned
Bug Type: Feature/Change Request
Operating System: ALL
PHP Version: 4.2.3
Assigned To: derick
New Comment:
I can't modify my customers scripts. Scripts are changing frequently,
new customers upload new scripts and so on. Anyway:
[root@gucio customers]# grep -ri 'mail(' . | wc -l
2873
Changing 2873 not mine script means ,,introduce some bugs'', too.
Basically I want feature that does similar thing to yours but
configurable globally from php.ini.
Previous Comments:
------------------------------------------------------------------------
[2002-10-23 15:09:47] [EMAIL PROTECTED]
This is easily solved:
mail("[EMAIL PROTECTED]","Subject Line","Body","X-PHP-Mailer-Script:
{$_SERVER[HTTP_HOST]}{$_SERVER[REQUEST_URI]}\nX-PHP-Mailer-Path:
{$_SERVER[SCRIPT_FILENAME]}\nX-PHP-Remote-IP:
{$_SERVER[REMOTE_ADDR]");
This will add three new headers to this mail:
X-PHP-Mailer-Script: yourwebhost.com/path/to/script.php
X-PHP-Mailer-Path: /real/path/to/script.php
X-PHP-Remote-IP: 10.20.30.40
And now you'll know which script the spammer is using.
------------------------------------------------------------------------
[2002-09-22 04:58:05] [EMAIL PROTECTED]
Sorry but you are simply wrong. MTA logs don't contain any usefull
information.
------------------------------------------------------------------------
[2002-09-21 19:51:59] [EMAIL PROTECTED]
IMHO, sendmail's (or whatever MTA you're using) logs should give that
kind of information away, not headers produced by PHP.
Luciano ES
Santos, SP - Brasil
------------------------------------------------------------------------
[2002-09-21 13:32:31] [EMAIL PROTECTED]
Makes sense then... I'll have a look.
Derick
------------------------------------------------------------------------
[2002-09-21 13:28:29] [EMAIL PROTECTED]
I'm running safe_mode so executing/popening sendmail is not possible
(theoretically).
It's really very usefull. Now there is completly no way to identify
source of mail.
Also note that in most cases _not_ mine users are those who are
spamming but other people through typical mail.php scripts (forms) put
on web by mine users. Identifying script would allow me to fix
it/protect or just tell user to remove it.
------------------------------------------------------------------------
The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at
http://bugs.php.net/19538
--
Edit this bug report at http://bugs.php.net/?id=19538&edit=1
