Finding spam sending PHP scripts on a linux server

Sometimes there are users on a server that may have installed old PHP scripts with known security gaps this can cause that this PHP scripts will spam senders. Finding these PHP scripts could be very difficult. With the release of of PHP 5.3 they have added new functionality to make it easier to handel the tracking of spammers or exploited web forms. The new functions are affected by settings in the server php.ini, you should have a more detailed look on the offical documentation ( If we open the server php.ini file we should find the following 3 settings: mail.add_x_header (Add X-PHP-Originating-Script that will include UID of the script followed by the filename.) mail.log (The path to a log file that will log all mail() calls. Log entries include the full path of the script, line number, To address and headers.) mail.force_extra_parameters (Force the addition of the specified parameters to be passed as extra parameters [...]

By | 2016-10-29T13:50:15+00:00 May 24th, 2016|Allgemein, Debian, Linux|Comments Off on Finding spam sending PHP scripts on a linux server