How to log all PHP based E-mails for abuse

Step #1 - Create Wrapper Script

vi /usr/local/bin/phpsendmail

#!/usr/bin/php

//changed by realtechtalk.com to make the log readable
/**
This script is a sendmail wrapper for php to log calls of the php mail() function.
Author: Till Brehm, www.ispconfig.org
(Hopefully) secured by David Goodwin
*/

$sendmail_bin = '/usr/sbin/sendmail';
$logfile = '/tmp/mail_php.log';

//* Get the email content
$logline = '';
$pointer = fopen('php://stdin', 'r');

while ($line = fgets($pointer)) {
if(preg_match('/^to:/i', $line) || preg_match('/^from:/i', $line)) {
$logline .= trim($line).' ';
}
$mail .= $line;
}

//* compose the sendmail command
$command = 'echo ' . escapeshellarg($mail) . ' | '.$sendmail_bin.' -t -i';
for ($i = 1; $i < $_SERVER['argc']; $i++) {
$command .= escapeshellarg($_SERVER['argv'][$i]).' ';
}



//* Write the log
//file_put_contents($logfile, date('Y-m-d H:i:s') . ' ' . $_ENV['PWD'] . ' ' . $logline, FILE_APPEND);

//changed by realtechtalk.com to make the log readable
file_put_contents($logfile, date('Y-m-d H:i:s') . ' ' . $_ENV['PWD'] . ' ' . $logline . PHP_EOL, FILE_APPEND);
//* Execute the command
return shell_exec($command);
?>

Make it executable:

chmod +x /usr/local/bin/phpsendmail

Create Log File (on Centos the log does not get created or written to unless you do it manually)

touch /tmp/mail_php.log; chmod 777 /tmp/mail_php.log;chown apache.apache /tmp/mail_php.log

Step 2 - Backup & Modify php.ini

cp /etc/php.ini /etc/php.ini-bk

(Your php.ini may be in a different location depending on your OS/control panel).

Edit /etc/php.ini

Find the part that starts with "sendmail" and make it like my example below:

sendmail_path = /usr/local/bin/phpsendmail

; For Win32 only.
;sendmail_from = me@example.com

; For Unix only. You may supply arguments as well (default: "sendmail -t -i").
;sendmail_path = /usr/sbin/sendmail -t -i
sendmail_path = /usr/local/bin/phpsendmail

Restart httpd:

service httpd restart

After this you should find entries in /tmp/mail_php.log


Tags:

php, mails, abusestep, wrapper, vi, usr, bin, phpsendmail, realtechtalk, readable, sendmail, author, brehm, www, ispconfig, org, secured, goodwin, _palepurple_, uk, sendmail_bin, sbin, logfile, tmp, mail_php, email, content, logline, pointer, fopen, stdin, fgets, preg_match, trim, compose, echo, escapeshellarg, _server, argc, argv, file_put_contents, _env, pwd, file_append, php_eol, execute, shell_exec, executable, chmod, centos, manually, chown, apache, modify, ini, cp, etc, bk, depending, os, panel, edit, quot, sendmail_path, sendmail_from, unix, arguments, default, restart, httpd, entries,

Latest Articles

  • Unable to mount location Failed to retrieve share list from server: Connection timed out - Samba/Linux Filesharing Not working Ubuntu Mint Linux Solution
  • How To Resize, Reduce a Video to a Specific Size and Quality Ubuntu Linux using ffmpeg
  • vi how to delete all lines in the file
  • Linux Mint / Ubuntu 20 Intel I219 NIC disconnects
  • Linux can't boot/grub boot loader screen with no options solution
  • EFI PXE grub2 Howto guide for Linux EFI PXE Booting on Debian, Mint, Ubuntu, RHEL
  • Aruba/HP/Dell IAP Wireless Controller Common Default Passwords
  • Debian, Mint Ubuntu how to remove package and associated config files
  • Linux Grub not booting the intended kernel solution in Debian, Mint, Ubuntu how to specify which kernel to boot by default
  • QEMU KVM Keyboard Problems Not Working Right Repeating Characters, Ctrl+C Copy and Paste not working right when using PS2 mouse in guests Solution
  • Linux how to compile binary with static sharedobjects embedded instead of dynamic to use on multi-distributions and avoid glibc compatiblity issues
  • /bin/sh: msgfmt: not found error solution on Linux Compilation Ubuntu Debian Mint Centos
  • Mikrotik RouterOS CHR/ISO Basic and Quick Setup Howto Guide
  • qemu 4 compilation options
  • CentOS 7 8 PXEBoot Netinstall Not Working Solution "Pane is dead "new value non-exisetnt xfs filesystem is not valid as a default fs type"
  • CentOS 6 EOL yum repo won't work Error: Cannot find a valid baseurl for repo: base Solution
  • CentOS 7 8 How To Disable SELinux
  • Wordpress How To Add Featured Image To Post in Hueman Theme
  • kdenlive full reset how to erase all config files
  • CentOS 7 8 yum error Trying other mirror. To address this issue please refer to the below wiki article