Simple PHP mail wrapper

If you run a webserver with several hundreds of virtual hosts running PHP, you definitely need to monitor or log the access to PHP’s mail() function. I describe in a short tutorial how to painlessly setup a simple sendmail wrapper to accomplish this.
This has been tested on a Debian Lenny 5.0 system running PHP 5.2.8 and Postfix.


Create a wrapper script in e.g. /usr/sbin/sendmail-wrapper-php:

Make sure it has correct access permissions:

This script logs to syslog, usually configured to log mail.info to /var/log/mail.log.
We force all customers to use this wrapper script instead of the original /usr/sbin/sendmail binary. Modify your php.ini and add/change:

The auto_prepend_file directive is not necessarily needed if you run PHP in CGI-mode – the variables to be logged by the wrapper script are correctly set. For local PHP execution on the system and if you run PHP as Apache-module (apxs2), you better add this directive. The php_set_envs.php simply sets some PHP variables to the shell environment:

As you noticed, I put some more variables in this script. You could extend the sendmail wrapper script by $SCRIPT_FILENAME and $DOCUMENT_ROOT to make 100% sure you can find the right origin where mail() was initiated.

We’re all set now. Monitor your mail log by e.g.:

16 Responses

  1. Grimm
    Jun 30, 2009 - 02:17 AM

    Thank you, this article helped me to find vulnerable site in 100+ virtualhosts. It’s really simple and efficient solution to php mail() logging.

  2. J-P
    Aug 15, 2009 - 03:15 PM

    Thanks, this script is awesome! It saved me a serious amount of time.

  3. Prasanna
    Sep 02, 2009 - 12:19 AM

    How can we log the e-mail headers? i.e the to, from, reply-to addresses and any other additional headers being used in the mail() calls.

  4. John Campbell
    Sep 15, 2009 - 08:45 PM

    Thanks for this. I’m having a problem getting it to log anything more than „site=www.myexample.com“, however. Any idea why this could be? Thanks!

  5. Alexis
    Sep 24, 2009 - 04:48 PM

    Hello,

    Thanks for this script. I did it one like this too few years ago which included a limitation of the number of messages that could be sent with mail(). However it was not very functionnal. Additionnaly it logged the mails as well, but only with $PWD as I didn’t know auto_prepend_file command.

    Btw, I’ve got a problem with auto_prepend_file with website with safe mode activated. As the php_set_envs.php is owned by root it can’t be inserted in a page owned by another user. And I can’t change the owner of php_set_envs.php as it is included in all webpages of all our websites, with different UID.

    I don’t really understand why auto_prepend_file is included in the safe_mode check. It should just include it as it has been defined in the configuration file.

    Though, would one know if there is another solution than deactivating the safe mode for everybody ?

    Thanks in advance,
    regards

  6. Pratico fabrice
    Sep 28, 2009 - 04:20 PM

    Very nice, thank you 😉

  7. Prasanna
    Nov 16, 2009 - 12:33 PM

    I just added this to one of my sites and the log shows the following:

    [root@www log]# grep sendmail-wrapper /var/log/maillog
    Nov 16 06:24:27 www logger: sendmail-wrapper-php: site=www.mysite.com,

    Doesn’t show any other details like script name etc.
    What could be wrong?

  8. Prasanna
    Nov 16, 2009 - 01:02 PM

    Also, I see an error of this kind:

    Nov 16 06:49:31 www postfix[4111]: fatal: /etc/postfix/main.cf, line 640: missing ‚=‘ after attribute name: „/usr/sbin/sendmail-wrapper-php“

  9. Sandu Mihai
    Jan 28, 2011 - 10:49 AM

    Beware that you have CR/LFs that will get this script to log only the site name and that’s it.
    Putting the whole ‚logger‘ on one single line makes it work.
    Ty for your solution, is simple and efficient.

  10. Built-in solution since PHP 5.3
    Feb 07, 2013 - 11:00 PM

    There are new configuration directives to address the issue.
    http://php.net/manual/en/mail.configuration.php.

  11. Juan
    Apr 25, 2013 - 11:22 PM

    Excellent, I have been searching exactly this!  Thank you very much.

  12. John
    Aug 21, 2013 - 11:02 AM

    Hi, Thank you for the great script. Any have any idea how can I add the email content to the log line.
    Thank you!

Trackbacks/Pingbacks

  1. Iezzi.ch Blog » Extensive sendmail wrapper with sender throttling
  2. Mail Versand quantitativ beschr
  3. Whitenoise » Blog Archive » Part 1: Limiting and rate throttling php mail() function
  4. PHP-Mail-Funktion begrenzen - Server Support Forum

Leave a Comment

css.php