Forums / Install & configuration / Mail Security and SUEXEC

Mail Security and SUEXEC

Next topic

Author	Message
John Bolton	Wednesday 21 May 2003 7:47:46 am Due to a recent security exploit on the mailer script in one of my host's servers (Linux - Apache 1.3.27 - PHP 4.3.1), they have now implemented SUEXEC on all servers. As a result, any script that sends out mails as 'nobody' will have their outgoing mails automatically bounced by the server. I do not have email sender Nobody in site.ini or site.ini.append in v3.0-1. However new user registration information emails appear to be sent by 'Nobody' from the host server yet the activation email correctly picks up the admistrator email address as the sender. What do I need to do to avoid sending 'Nobody' for this or any other mailing forms similarly affected?
Björn Dieding@xrow.de	Sunday 25 May 2003 10:00:48 am Easy you need a vhost similar then that. <VirtualHost 217.160.187.131:80> ServerName xrow.de DocumentRoot /home/www/web11/html/xrow.de User web11 Group ftponly ScriptAlias /cgi-bin/ /home/www/web11/html/cgi-bin/ php_admin_value open_basedir /home/www/web11/ php_admin_value upload_tmp_dir /home/www/web11/phptmp/ php_admin_value open_basedir none RewriteEngine On RewriteRule !.(gif\|css\|jpg\|png\|jar)$ /index.php </VirtualHost> Looking for a new job? http://www.xrow.com/xrow-GmbH/Jobs Looking for hosting? http://hostingezpublish.com ----------------------------------------------------------------------------- GMT +01:00 Hannover, Germany Web: http://www.xrow.com/

Author

Message

Wednesday 21 May 2003 7:47:46 am

Due to a recent security exploit on the mailer script in one of my host's
servers (Linux - Apache 1.3.27 - PHP 4.3.1), they have now implemented SUEXEC on all servers. As a result, any script that sends out mails as 'nobody' will have their outgoing mails automatically bounced by the server.

I do not have email sender Nobody in site.ini or site.ini.append in v3.0-1. However new user registration information emails appear to be sent by 'Nobody' from the host server yet the activation email correctly picks up the admistrator email address as the sender.

What do I need to do to avoid sending 'Nobody' for this or any other mailing forms similarly affected?

Björn Dieding@xrow.de

Sunday 25 May 2003 10:00:48 am

Easy

you need a vhost similar then that.

<VirtualHost 217.160.187.131:80>
ServerName xrow.de
DocumentRoot /home/www/web11/html/xrow.de
User web11
Group ftponly
ScriptAlias /cgi-bin/ /home/www/web11/html/cgi-bin/
php_admin_value open_basedir /home/www/web11/
php_admin_value upload_tmp_dir /home/www/web11/phptmp/
php_admin_value open_basedir none
RewriteEngine On
RewriteRule !.(gif|css|jpg|png|jar)$ /index.php
</VirtualHost>

Looking for a new job? http://www.xrow.com/xrow-GmbH/Jobs
Looking for hosting? http://hostingezpublish.com
-----------------------------------------------------------------------------
GMT +01:00 Hannover, Germany
Web: http://www.xrow.com/