Results 1 to 6 of 6
-
10-07-2009, 12:27 PM #1New Member
- Join Date
- Oct 2009
- Posts
- 3
Understanding Exim and Exim_mainlog
Hi all,
I'm new and a green thumb at mail, smtp, exim etc.
We host our websites on our own dedicated server and I had this mail message sent to me and i'm not quite sure i understand it.
Subject: [newmailcgi] Recently Uploaded CGI scripts that send email on {server excluded from quote}
Note: If this is the first time you received this mail, it contains the history for the entire month so far.
Below are the recently upload scripts that contain code to send email. You may wish to inspect them to ensure they are not sending out SPAM.
/home/eyn/public_html/site/wiki/includes/UserMailer.php:51: function toString() {
/home/eyn/public_html/site/wiki/includes/UserMailer.php:52: # PHP's mail() implementation under Windows is somewhat shite, and
/home/eyn/public_html/site/wiki/includes/UserMailer.php:53: # can't handle "Joe Bloggs <joe@bloggs.com>" format email addresses,
---
/home/eyn/public_html/site/wiki/includes/UserMailer.php:194: set_error_handler( array( 'UserMailer', 'errorHandler' ) );
/home/eyn/public_html/site/wiki/includes/UserMailer.php:195: wfDebug( "Sending mail via internal mail() function\n" );
/home/eyn/public_html/site/wiki/includes/UserMailer.php:196:
---
/home/eyn/public_html/site/wiki/includes/UserMailer.php:199: foreach ($to as $recip) {
/home/eyn/public_html/site/wiki/includes/UserMailer.php:200: $sent = mail( $recip->toString(), wfQuotedPrintable( $subject ), $body, $headers );
/home/eyn/public_html/site/wiki/includes/UserMailer.php:201: }
---
/home/eyn/public_html/site/wiki/includes/UserMailer.php:202: } else {
/home/eyn/public_html/site/wiki/includes/UserMailer.php:203: $sent = mail( $to->toString(), wfQuotedPrintable( $subject ), $body, $headers );
/home/eyn/public_html/site/wiki/includes/UserMailer.php:204: }
---
/home/eyn/public_html/site/forums/includes/class_mail.php:37: *
/home/eyn/public_html/site/forums/includes/class_mail.php:38: * This class sends email from vBulletin using the PHP mail() function
/home/eyn/public_html/site/forums/includes/class_mail.php:39: *
---
/home/eyn/public_html/site/administrator/components/com_config/controllers/application.php:355: $config_array['fromname'] = JRequest::getVar('fromname', 'Joomla 1.5', 'post', 'string');
/home/eyn/public_html/site/administrator/components/com_config/controllers/application.php:356: $config_array['sendmail'] = JRequest::getVar('sendmail', '/usr/sbin/sendmail', 'post', 'string');
/home/eyn/public_html/site/administrator/components/com_config/controllers/application.php:357: $config_array['smtpauth'] = JRequest::getVar('smtpauth', 0, 'post', 'int');
---
/home/eyn/public_html/site/administrator/components/com_docman/includes/groups.php:286: // ;
/home/eyn/public_html/site/administrator/components/com_docman/includes/groups.php:287: // mail($emailtosend->email, $subject, $message, $headers);
/home/eyn/public_html/site/administrator/components/com_docman/includes/groups.php:288: // TO: SUBJECT: (message) Headers
---
/home/eyn/public_html/site/libraries/phpmailer/phpmailer.php:128: */
/home/eyn/public_html/site/libraries/phpmailer/phpmailer.php:129: var $Sendmail = '/usr/sbin/sendmail';
/home/eyn/public_html/site/libraries/phpmailer/phpmailer.php:130:
---
/home/eyn/public_html/site/libraries/phpmailer/phpmailer.php:289: /**
/home/eyn/public_html/site/libraries/phpmailer/phpmailer.php:290: * Sets Mailer to send message using PHP mail() function.
/home/eyn/public_html/site/libraries/phpmailer/phpmailer.php:291: * @return void
---
/home/eyn/public_html/site/libraries/phpmailer/phpmailer.php:457: /**
/home/eyn/public_html/site/libraries/phpmailer/phpmailer.php:458: * Sends mail using the PHP mail() function.
/home/eyn/public_html/site/libraries/phpmailer/phpmailer.php:459: * @access private
---
/home/eyn/public_html/site/libraries/phpmailer/phpmailer.php:872:
/home/eyn/public_html/site/libraries/phpmailer/phpmailer.php:873: /* To be created automatically by mail() */
/home/eyn/public_html/site/libraries/phpmailer/phpmailer.php:874: if($this->Mailer != 'mail') {
---
/home/eyn/public_html/site/libraries/phpmailer/phpmailer.php:886:
/home/eyn/public_html/site/libraries/phpmailer/phpmailer.php:887: /* sendmail and mail() extract Cc from the header before sending */
/home/eyn/public_html/site/libraries/phpmailer/phpmailer.php:888: if((($this->Mailer == 'sendmail') || ($this->Mailer == 'mail')) && (count($this->cc) > 0)) {
---
/home/eyn/public_html/site/libraries/phpmailer/phpmailer.php:891:
/home/eyn/public_html/site/libraries/phpmailer/phpmailer.php:892: /* sendmail and mail() extract Bcc from the header before sending */
/home/eyn/public_html/site/libraries/phpmailer/phpmailer.php:893: if((($this->Mailer == 'sendmail') || ($this->Mailer == 'mail')) && (count($this->bcc) > 0)) {
---
/home/eyn/public_html/site/libraries/phpmailer/phpmailer.php:900:
/home/eyn/public_html/site/libraries/phpmailer/phpmailer.php:901: /* mail() sets the subject itself */
/home/eyn/public_html/site/libraries/phpmailer/phpmailer.php:902: if($this->Mailer != 'mail') {
---
/home/eyn/public_html/site/libraries/joomla/config.php:20: var $fromname = '';
/home/eyn/public_html/site/libraries/joomla/config.php:21: var $sendmail = '/usr/sbin/sendmail';
/home/eyn/public_html/site/libraries/joomla/config.php:22: var $smtpauth = '0';
---
Now, my site is very new and i haven't done much to it in the past week or so...especially when it comes to installation. I also do not have a member by the name of joe@bloggs.com
so i'm wondering if this means i have spam being sent from my server?
I really appreciate it!!!
KristineLast edited by ktaylor; 10-07-2009 at 12:30 PM.
-
10-07-2009, 12:35 PM #2New Member
- Join Date
- Oct 2009
- Posts
- 3
Also, I updated the exim.conf file to include log_selector=+all so i can see what all is going on through the mail system and to be honest, i'm not sure if it's working right.
Can anyone help clarify what's going on for me?
here's a portion of what my exim_mainlog is showing....
well, i'd love to attach the code but it won't let me since i don't have 5 posts yet. i'll see if i can attach a photo
-
10-09-2009, 02:23 AM #3WHT Addict
- Join Date
- Jun 2008
- Location
- India
- Posts
- 130
the logs says that user eyn is sending mails by using cgi scripts. You need to check the count of emails and all to make sure that the user is not a spammer. Otherwise u may face abuse issues on this server.
you can use grep '2009-10-09' | /var/log/exim_mainlog| fgrep '/home/eyn'and just check the count of success full emails. change the date to require one
-
10-09-2009, 08:57 AM #4Temporarily Suspended
- Join Date
- Jul 2009
- Posts
- 178
You can limit the number of email send per hour per domain and also checks the logs and execute exim -bp | exiqsumm to see the email queue.
-
10-09-2009, 05:33 PM #5Newbie
- Join Date
- Oct 2009
- Location
- Ernakulam, Kerala, IN
- Posts
- 5
Hello,
The mail you received just indicates that the following scripts have mail options. If you take a closer look at this, then you can note that they are normal phpmailer & joomla scripts. If these were not uploaded by you, then you should really concern, otherwise you can ignore this warning mail.
-Shyam
-
10-09-2009, 05:58 PM #6New Member
- Join Date
- Oct 2009
- Posts
- 3
Thank you! I will check all your suggestions out. Most of my work behind the scenes is Joomla based.
do i do these functions in terminal or cpanel?
Similar Threads
-
exim_mainlog is this normal?
By saj in forum Hosting Security and TechnologyReplies: 3Last Post: 12-01-2007, 09:56 PM -
Help understanding exim_mainlog
By littlened in forum Hosting Security and TechnologyReplies: 1Last Post: 08-24-2007, 11:51 AM -
how do I tail -f /var/log/exim_mainlog (but not on exim)
By netlink in forum Hosting Security and TechnologyReplies: 3Last Post: 07-20-2006, 06:15 AM -
exim_mainlog permissions?
By saltydog in forum Dedicated ServerReplies: 1Last Post: 01-23-2006, 03:24 PM -
exim_mainlog information
By mohits4 in forum Dedicated ServerReplies: 2Last Post: 08-19-2005, 09:22 PM