Friday 11 October 2013

Server Sending Spam at 127.0.0.1

Comment out the following lines in your sendmail .mc configuration (the dnl prefix is the m4 comment marker):

dnl # Uncomment and edit the following line if your outgoing mail needs to
dnl # be sent out through an external mail server:
dnl #
dnl # define(`SMART_HOST', `127.0.0.1')dnl
dnl #


The sendmail daemon accepts mail on 127.0.0.1. Your PHP script either submits mail there directly, or forks the sendmail executable, which in turn submits it there (check your submit.mc / submit.cf to verify this).

Also, the emails were all from nobody@myhost.


Find all processes that are running as nobody:

ps -U nobody

The mail server log showed the connections arriving from localhost:

SMTP connection from [127.0.0.1]:36667 (TCP/IP connection count = 1)

Run netstat under watch to see which process is connecting to port 25:

watch 'netstat -na | grep :25'

These steps can help you find out the culprit is the... web server. Then you can run strace to see which script is called when an email is sent:

strace -f -e trace=open,stat -p 1234 -o wserver.strace

(1234 is the parent PID of the web server process; -f follows the child processes it forks.)
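The three commands above each produce output that has to be read by hand. The script below is an added example, not part of the original post: it contains small POSIX sh/awk helpers that parse the same kind of output offline. The netstat lines and the strace lines it uses are constructed samples, and the PIDs and file paths in them (1234, 1240, /var/www/html/uploads/mailer.php) are illustrative, not taken from any real incident.

```sh
#!/bin/sh
# Added example (not from the original post): offline helpers for reading
# the output of `netstat -na | grep :25` and of the strace command above.

# Constructed sample of `netstat -na` output. Two local clients are talking
# to the MTA on port 25; the LISTEN socket and an unrelated HTTPS session
# are included so the filters have something to exclude.
NETSTAT_SAMPLE='Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:25              0.0.0.0:*               LISTEN
tcp        0      0 127.0.0.1:36667         127.0.0.1:25            ESTABLISHED
tcp        0      0 127.0.0.1:36668         127.0.0.1:25            TIME_WAIT
tcp        0      0 10.0.0.5:443            203.0.113.9:51234       ESTABLISHED'

# Count connections whose foreign address is port 25, i.e. local processes
# submitting mail to the MTA. The LISTEN socket itself is skipped.
# Usage: netstat -na | count_smtp_clients
count_smtp_clients() {
    awk '$5 ~ /:25$/ && $6 != "LISTEN" { n++ } END { print n+0 }'
}

# Print the client-side source ports of those connections, space separated.
# These are the ports that appear in the MTA log line
# "SMTP connection from [127.0.0.1]:36667", so the two can be matched up.
# Usage: netstat -na | smtp_client_ports
smtp_client_ports() {
    awk '$5 ~ /:25$/ && $6 != "LISTEN" { split($4, a, ":"); printf "%s%s", sep, a[2]; sep = " " } END { print "" }'
}

# Constructed sample of strace output (-f -e trace=open,stat). 1234 is the
# parent web server, 1240 and 1241 are forked workers; only 1240 ends up
# executing /usr/sbin/sendmail. The paths are illustrative.
STRACE_SAMPLE='1234  open("/etc/httpd/conf/httpd.conf", O_RDONLY) = 5
1240  open("/var/www/html/index.php", O_RDONLY) = 12
1240  stat("/var/www/html/uploads/mailer.php", {st_mode=S_IFREG|0644, st_size=4096, ...}) = 0
1240  open("/var/www/html/uploads/mailer.php", O_RDONLY) = 13
1240  open("/usr/sbin/sendmail", O_RDONLY) = 14
1241  open("/var/www/html/index.php", O_RDONLY) = 12'

# For every PID that touched /usr/sbin/sendmail, print the distinct .php
# files that PID opened or stat'ed before doing so. The first field of each
# strace -f line is the PID; the path is the first double-quoted string.
# Usage: scripts_before_sendmail < wserver.strace
scripts_before_sendmail() {
    awk '
        /\.php"/ {
            split($0, a, "\"")
            if (!(($1, a[2]) in seen)) {
                seen[$1, a[2]] = 1
                files[$1] = (files[$1] == "" ? a[2] : files[$1] " " a[2])
            }
        }
        index($0, "/usr/sbin/sendmail") { print $1 ": " files[$1] }
    '
}

# Stand-alone demonstration on the constructed samples.
printf '%s\n' "$NETSTAT_SAMPLE" | count_smtp_clients
printf '%s\n' "$NETSTAT_SAMPLE" | smtp_client_ports
printf '%s\n' "$STRACE_SAMPLE"  | scripts_before_sendmail
```

On a live system you would feed the real commands into these helpers (`netstat -na | count_smtp_clients`, `scripts_before_sendmail < wserver.strace`). Two practical notes: `netstat -nap` (or `ss -tnp`) adds the owning PID and program name to each socket line, which often answers the "which process" question without strace; and on current glibc builds file opens show up in strace as `openat()` rather than `open()`, so trace with `-e trace=open,openat,stat` there. The `.php"` match in the awk script already works for either call.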
