EXIM - sending spam from PHP scrips
Hello.
I have a couple of dozens of linux servers running EXIM as mail server.
Anytime, users send spam from their PHP scripts.
Is hard to find what user do this, and i spend some time on this.
I have some ideas:
1. Limit number of messages what user nobody (user what run apache) can send at one time.
2. Write a PHP script that will be appended to all user scripts and will detect if the mail() function is abused in which case an email should be sent to the admin.
But this will costs us system performance, be cause will grow number of I/O operations.
3. Write a perl script that will check mail spool every hour, and if it detects abuses from user 'nobody' will block it.
Do you have any other ideas about this?
Thanks.
|