Simple PHP mail wrapper2 Jan, 2009 Debian Linux, SecurityIf you run a webserver with several hundreds of virtual hosts running PHP, you definitely need to monitor or log the access to PHP’s mail function. I describe in a short tutorial how to painlessly setup a simple sendmail wrapper to accomplish this.This has been tested on a Debian Lenny 5.0 system running PHP 5.2.8 and Postfix.Create a wrapper script in e.g. /usr/sbin/sendmail-wrapper-php:#!/bin/shlogger -p mail.info sendmail-wrapper-php: site=${HTTP_HOST}, client=${REMOTE_ADDR}, script=${SCRIPT_NAME}, pwd=${PWD}, uid=${UID}, user=$whoami/usr/sbin/sendmail -t -i $Make sure it has correct access permissions:chown root /usr/sbin/sendmail-wrapper-phpchmod 755 /usr/sbin/sendmail-wrapper-phpThis script logs to syslog, usually configured to log mail.info to /var/log/mail.log.We force all customers to use this wrapper script instead of the original /usr/sbin/sendmail binary. Modify your php.ini and add/change:sendmail_path = /usr/sbin/sendmail-wrapper-phpauto_prepend_file = /var/www/common/php_set_envs.phpThe auto_prepend_file directive is not necessarily needed if you run PHP in CGI-mode – the variables to be logged by the wrapper script are correctly set. For local PHP execution on the system and if you run PHP as Apache-module apxs2, you better add this directive. The php_set_envs.php simply sets some PHP variables to the shell environment:<?phpputenv »HTTP_HOST= ».@$_SERVER[« HTTP_HOST »];putenv »SCRIPT_NAME= ».@$_SERVER[« SCRIPT_NAME »];putenv »SCRIPT_FILENAME= ».@$_SERVER[« SCRIPT_FILENAME »];putenv »DOCUMENT_ROOT= ».@$_SERVER[« DOCUMENT_ROOT »];putenv »REMOTE_ADDR= ».@$_SERVER[« REMOTE_ADDR »];As you noticed, I put some more variables in this script. You could extend the sendmail wrapper script by $SCRIPT_FILENAME and $DOCUMENT_ROOT to make 100% sure you can find the right origin where mail was initiated.We’re all set now. Monitor your mail log by e.g.:# grep sendmail-wrapper-php /var/log/mail.logDec 29 20:41:35 web logger: sendmail-wrapper-php: site=www.iezzi.ch, client=212.35.7.99, script=/test.php, pwd=/var/www/webXX/includes/wordpress, uid=4002, user=web2Dec 29 20:42:52 web logger: sendmail-wrapper-php: site=webmail.onlime.ch, client=212.35.7.99, script=/index.php