Steps To Block PHP Nobody Spammers

By | October 21, 2011

You can block PHP nobody spammers with the following steps. But make sure, you must have Apache 1.3x, PHP 4.3x and Exim. This may work on other systems but we have only tested it on a Cpanel/WHM Red Hat Enterprise system.

Step 1.

At first you have to Login to your server and su – to root.

Step 2.

Turn off exim while we do this so it doesn’t freak out.
/etc/init.d/exim stop

Step 3.

Backup your original /usr/sbin/sendmail file. On systems using Exim MTA, the sendmail file is just basically a pointer to Exim itself.
mv /usr/sbin/sendmail /usr/sbin/sendmail.hidden

Step 4.

Create the spam monitoring script for the new sendmail.
pico /usr/sbin/sendmail

Paste in the following:

#!/usr/local/bin/perl
# use strict;
use Env;
my $date = `date`;
chomp $date;
open (INFO, “>>/var/log/spam_log”) || die “Failed to open file ::$!”;
my $uid = $>;
my @info = getpwuid($uid);
if($REMOTE_ADDR) {
print INFO “$date – $REMOTE_ADDR ran $SCRIPT_NAME at $SERVER_NAME n”;
}
else {
print INFO “$date – $PWD – @infon”;
}
my $mailprog = ‘/usr/sbin/sendmail.hidden’;
foreach (@ARGV) {
$arg=”$arg” . ” $_”;
}
open (MAIL,”|$mailprog $arg”) || die “cannot open $mailprog: $!n”;
while (<STDIN> ) {
print MAIL;
}
close (INFO);
close (MAIL);

Step 5.

Change the new sendmail permissions
chmod +x /usr/sbin/sendmail

Step 6.
Create a new log file to keep a history of all mail going out of the server using web scripts
touch /var/log/spam_log

chmod 0777 /var/log/spam_log

Step 7.
Start Exim up again.
/etc/init.d/exim start

Step 8.
Monitor your spam_log file for spam, try using any formmail or script that uses a mail function – a message board, a contact script.
tail – f /var/log/spam_log

Leave a Reply

Your email address will not be published. Required fields are marked *