Wednesday, December 14, 2011

Track And Log Formmail SPAM In cPanel

First step is to move the sendmail binary
mv /usr/sbin/sendmail /usr/sbin/sendmail.act

Create a "new" sendmail binary
vi /usr/sbin/sendmail

...and add:
#!/usr/bin/perl

# use strict;
use Env;
my $date = `date`;
chomp $date;
open (INFO, ">>/var/log/formmail.log") || die "Failed to open file ::$!";
my $uid = $>;
my @info = getpwuid($uid);
if($REMOTE_ADDR) {
print INFO "$date - $REMOTE_ADDR ran $SCRIPT_NAME at $SERVER_NAME \n";
}
else {

print INFO "$date - $PWD - @info\n";

}
my $mailprog = '/usr/sbin/sendmail.act';
foreach (@ARGV) {
$arg="$arg" . " $_";
}

open (MAIL,"|$mailprog $arg") || die "cannot open $mailprog: $!\n";
while (<stdin> ) {
print MAIL;
}
close (INFO);
close (MAIL);

Lastly:
chmod +x /usr/sbin/sendmail
echo > /var/log/formmail.log
chmod 777 /var/log/formmail.log