Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:26941 Return-Path: Mailing-List: contact internals-help@lists.php.net; run by ezmlm Delivered-To: mailing list internals@lists.php.net Received: (qmail 82312 invoked by uid 1010); 13 Dec 2006 22:21:41 -0000 Delivered-To: ezmlm-scan-internals@lists.php.net Delivered-To: ezmlm-internals@lists.php.net Received: (qmail 82259 invoked from network); 13 Dec 2006 22:21:40 -0000 Received: from unknown (HELO lists.php.net) (127.0.0.1) by localhost with SMTP; 13 Dec 2006 22:21:40 -0000 Authentication-Results: pb1.pair.com header.from=stuttle@gmail.com; sender-id=unknown Authentication-Results: pb1.pair.com smtp.mail=stuttle@gmail.com; spf=unknown; sender-id=unknown Received-SPF: unknown (pb1.pair.com: domain gmail.com does not designate 87.117.193.62 as permitted sender) X-PHP-List-Original-Sender: stuttle@gmail.com X-Host-Fingerprint: 87.117.193.62 uk1.moxiemon.net Received: from [87.117.193.62] ([87.117.193.62:55449] helo=horatio.sharedserver.net) by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP id A9/29-19506-7CA70854 for ; Wed, 13 Dec 2006 17:12:58 -0500 Received: from [192.168.0.102] (user-5447037b.wfd82a.dsl.pol.co.uk [84.71.3.123]) by horatio.sharedserver.net (Postfix) with ESMTP id ED59D9CBF87; Wed, 13 Dec 2006 22:05:32 +0000 (GMT) Message-ID: <45807AC8.8020907@gmail.com> Date: Wed, 13 Dec 2006 22:12:24 +0000 User-Agent: Thunderbird 1.5.0.7 (Windows/20060909) MIME-Version: 1.0 To: Ilia Alshanetsky CC: PHP internals References: <10536315-883E-4C1A-AF35-386DF4D73F84@prohost.org> In-Reply-To: <10536315-883E-4C1A-AF35-386DF4D73F84@prohost.org> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Subject: Re: [PHP-DEV] mail() logging for PHP From: stuttle@gmail.com (Stut) Ilia Alshanetsky wrote: > Is there any interest in adding support for logging of mail() calls > and/or adding options that allow identification of who sent the e-mail. > > I've wrote a quick patch that enables this functionality via two ini > settings controllable via php.ini or per-virtual host. > > The first option, mail.add_x_header (boolean) allows you to enable the > addition of the X-PHP-Originating-Script header to each mail sent by > mail(), which will include the uid of the script and its name. The > combination of the two should be sufficient to identify the user to whom > the script belongs and via a simple find command locate the actual > script. This option is intended primarily for instances where you have a > bounced e-mail or a forwarded mail with a spam complaint, allowing you > to quickly identify the offender. > > The second option, mail.log (takes a filename) allows you to enable > logging of every single mail() call, each log line will include the > fullpath of the file and the line where the mail() was called from in > addition to the "To" address and any headers (to keep track of CC, BCC) > that were part of the function call. To ensure that each log line is 1 > line long, \r and \n are replaced with spaces. > > The patch that makes this possible can be found here: > > http://ilia.ws/uploads/patches/mail_log.txt.gz Yes, yes, yes, a thousand times yes. I'm assuming the filename is the full path and filename? Couldn't that be considered a security risk? IMHO it would be better to have an option that would provide the domain name and the filename relative to the site root (if available). Also, I'm assuming this is configurable via php_flag in an Apache configuration file? -Stut