Newsgroups: php.internals
Date: Thu, 14 Dec 2006 11:43:07 +0100
From: markus@fischer.name (Markus Fischer)
To: Ilia Alshanetsky
CC: Stut, PHP internals
Subject: Re: [PHP-DEV] mail() logging for PHP

Ilia Alshanetsky wrote:
>> I'm thinking about this from an ISP point of view... we get a lot of
>> abuse reports because people have poorly written form handlers. It
>> would be great if we could have PHP insert the full URL, domain name
>> included, in the mail headers for anything it sends. Would that be
>> possible?
>
> That is way too much information to include into an e-mail header, this
> would in fact be information disclosure vulnerability in many eyes. The
> log file that you can enable provides you with the full path to the
> script that called mail, which is more than enough to identify the
> offending script and/or application.

In case someone would use a library installed on the server where the mail()
call is e.g. in /usr/lib/PEAR/lib/php/Mail/Transport/PHP_Mail.php (just an
example) would this really help identifying the cause of the problem? No
Domain, no URL, I think it would be hard to determine who used it.

- Markus
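
The gap raised in this message, as an added example that is not part of the original post and is not PHP's own mail logging: when the mail() call sits in a shared library, the calling file alone does not identify the site, so this sketch writes the entry script, host and URI to a server-side log next to the caller while leaving the message headers untouched. The helper names `clean_log_field`, `describe_mail_origin` and `logged_mail`, the customer path, the host and the line number are assumptions made for illustration.

```php
<?php
// Added example (hypothetical helper names; not PHP's built-in mail logging).
// Builds a server-side log line that records both the file containing the
// mail() call and the entry script, host and URI of the request that reached it.

function clean_log_field(string $value): string
{
    // Host and URI are client-controlled: drop control characters so a
    // request cannot forge extra log lines, and cap the length.
    return substr(preg_replace('/[\x00-\x1F\x7F]/', '', $value), 0, 256);
}

function describe_mail_origin(array $trace, array $server): string
{
    // Frame 0 is the direct caller, i.e. what a "calling script" log shows.
    $caller = ($trace[0]['file'] ?? 'unknown') . ':' . ($trace[0]['line'] ?? 0);
    return sprintf(
        'mail caller=%s entry=%s host=%s uri=%s',
        clean_log_field($caller),
        clean_log_field($server['SCRIPT_FILENAME'] ?? 'cli'),
        clean_log_field($server['HTTP_HOST'] ?? '-'),
        clean_log_field($server['REQUEST_URI'] ?? '-')
    );
}

function logged_mail(string $to, string $subject, string $body, string $headers = ''): bool
{
    // Written to the server's error log only; nothing is added to the message.
    error_log(describe_mail_origin(debug_backtrace(DEBUG_BACKTRACE_IGNORE_ARGS), $_SERVER));
    return mail($to, $subject, $body, $headers);
}

// Constructed sample: a shared library sends mail on behalf of a customer site.
$trace = [['file' => '/usr/lib/PEAR/lib/php/Mail/Transport/PHP_Mail.php', 'line' => 42]];
$server = [
    'SCRIPT_FILENAME' => '/home/customer1/public_html/contact.php',
    'HTTP_HOST'       => "shop.example\r\nmail caller=forged",
    'REQUEST_URI'     => '/contact.php?id=7',
];
echo describe_mail_origin($trace, $server), PHP_EOL;
```

The constructed Host value carries a CR/LF pair to show that the forged second record stays on the same log line once control characters are stripped.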