I’m receiving a message “This mail is sent using the PHP mail function”
every now and then. I didn’t know where it was originated. I have cheked the message source and it says it is originated from
X-PHP-Originating-Script: 500:sendmail.php
So I did
tutatis:~ # find / -name *sendmail.php
And I found a sendmail.php in my public_html directory.
So I almost sure it is the only responsible of these emails (I have changed the message in this script to check for sure).
The question is: when does this run and why just only from time to time?
maybe when any robot search my site and enter my public_html ?
You assume a lot of information that you did not provide.
When and where do you see this message. The only thing I can assume is that you have a running LEAP 15.1. Is it on the console? Is this a logged in user? When yes, In the CLI or the GUI? When yes, comes it spontanious or is some program running?
“I found a sendmail.php in my public_html directory”.
Who is “my”. Is this a normal user? And is it thus in /home/my/public_html.?
Does “my” use that and can we assume that the system is running a web server (Apache?) and that that web server is configured in serving from /home/my/public_html?
The message is received by mail in a mail account I have in other server (not related to this one)
“I found a sendmail.php in my public_html directory”.
Who is “my”. Is this a normal user? And is it thus in /home/my/public_html.?
Does “my” use that and can we assume that the system is running a web server (Apache?) and that that web server is configured in serving from /home/my/public_html?
Etc.
The server is running apache, and the endmail.php is in /home/MY/public_html where MY is my user (a normal user), and apache is configured to serve from public_html of normal users.
Then I assume that user MY has put things in his ~/public_html. Amongst them the file sendmail.php. Files do not emerge out of nowhere.
And someone apparently asked your Apache server, either direct or indirect to execute that PHP program. And the program then decided to send an e-mail to the e-mail address of someone (let us call him/her RECEIVER) on a mail host that apparently points (via an DNS MX record) to the other system (let us call it MAILSYS) where then user RECEIVER receives that mail.
I hope that you see that when you are RECEIVER and you do not understand why you get that mail, should ask MY why he has things rigged as they are.