Note: This article is applicable for the Qmail mail server. If you are using the Postfix mail server, see:
213914405 Many email messages are sent from PHP scripts on the server. How can I find the domains on which these scripts are running if I am using Postfix?
Warning: using this method may cause increase of the server load due to the additional steps of processing for each message submitted to the local mail server. If you experience problems with high server load after applying the instructions in step #2, revert them using the instructions in step #3.
There is a way to determine from which folder the PHP script sending mail was run.
Note: Depending on your operating system and Plesk version, the paths may differ from those listed below.
/var/qmail/bin/sendmail-wrapperscript with the following content:
Copy the content below and paste it into the file created above:
(echo X-Additional-Header: $PWD ;cat) | tee -a /var/tmp/mail.send|/var/qmail/bin/sendmail-qmail "$@"
Note that this script should include two lines including
Create a log file called
/var/tmp/mail.sendand grant it the "a+rw" rights. Make the wrapper executable, rename the old sendmail, and link it to the new wrapper:
~# touch /var/tmp/mail.send
~# chmod a+rw /var/tmp/mail.send
~# chmod a+x /var/qmail/bin/sendmail-wrapper
~# mv /var/qmail/bin/sendmail /var/qmail/bin/sendmail-qmail
~# ln -s /var/qmail/bin/sendmail-wrapper /var/qmail/bin/sendmail
Wait for at least two hours, then change sendmail back:
~# rm -f /var/qmail/bin/sendmail
~# mv /var/qmail/bin/sendmail-qmail /var/qmail/bin/sendmail
/var/tmp/mail.send file. There should be lines starting with "X-Additional-Header:", pointing to the domain folders where the scripts which sent the mail are located.
You can see all the folders from where the mail PHP scripts were run using the following command:
~# grep X-Additional /var/tmp/mail.send | grep `cat /etc/psa/psa.conf | grep HTTPD_VHOSTS_D | sed -e 's/HTTPD_VHOSTS_D//' `
If you see no output from the above command, no mail was sent using the PHP mail() function from the Plesk virtual hosts directory.
/var/tmp/mail.send file only contains:
... without pointing to a particular domains folder, change permissions for the Perl binary:
~# chmod 700 /usr/bin/perl