sisblog

Prevent & Track spammers on your Plesk shared hosting server

January 11, 2009 on 7:56 pm | In Algemeen | No Comments

In a shared hosting environment users often install exploitable mail scripts. With some systems it is extremely difficult to find out where the spam is coming from. This post shows you how to patch php so it forces the addition of the script that sends out the spam in the mail header and a second patch that will block mails with implicit receipients in the headers (most often the case for spam sent through simple mail scripts).

The solution works with Plesk 9.X and Plesk 8.X. Please note that you will probably not have all the necessary packages to complete the php build: pass the error message in google if it is not clear and it will tell you what packages to install in order to complete.

Commands for this fix you need to execute in shell are marked in bold.

More information about the patches can be found on:

http://www.lancs.ac.uk/~steveb/patches/php-mail-reject-implicit-recipients-patch
http://www.lancs.ac.uk/~steveb/patches/php-mail-header-patch

STEP 1: Download the php source and patch it
———————————————

mkdir /home/src
cd /home/src
wget http://be.php.net/get/php-5.2.8.tar.gz/from/be2.php.net/mirror
tar -xzvf php-5.2.8.tar.gz
cd php-5.2.8

STEP 2: Apply The Patches
———————————————

wget http://www.lancs.ac.uk/~steveb/patches/php-mail-reject-implicit-recipients-patch/php-mail-reject-implicit-recipients.patch
patch -p1 < php-mail-reject-implicit-recipients.patch

(enter php-5.2.8/ext/standard/mail.c as path)

wget http://www.lancs.ac.uk/~steveb/patches/php-mail-header-patch/php5-mail-header.patch
patch -p1 < php5-mail-header.patch

(enter php-5.2.8/ext/standard/mail.c as path)

STEP 3: Optimize and build
———————————————

Optimize (this is optional & best parameters vary depending your hardware)

export MAKEOPTS=-j9 // Recplace the 9 with the number op CPU cores your machine has + 1

export CFLAGS=”-O3″

export CXXFLAGS=”-O3 -march=nocona -freorder-blocks -fno-reorder-functions -mmmx -mno-mmx -msse -msse2 -mno-sse2 -msse3 -mno-sse3 -mssse3 -mno-ssse3 -mfpmath=sse”

– Configure

You might want to remove options you do not need or add options so it reflects your current config.

./configure –help shows the available options

./configure –host=i686-redhat-linux-gnu –build=i686-redhat-linux-gnu –target=i386-redhat-linux-gnu –program-prefix= –prefix=/usr –exec-prefix=/usr –bindir=/usr/bin –sbindir=/usr/sbin –sysconfdir=/etc –datadir=/usr/share –includedir=/usr/include –libdir=/usr/lib –libexecdir=/usr/libexec –localstatedir=/var –sharedstatedir=/usr/com –mandir=/usr/share/man –infodir=/usr/share/info –cache-file=../config.cache –with-config-file-path=/etc –with-config-file-scan-dir=/etc/php.d –enable-force-cgi-redirect –disable-debug –disable-rpath –enable-inline-optimization –with-bz2 –with-db4=/usr –with-curl –with-exec-dir=/usr/bin –with-freetype-dir=/usr –with-png-dir=/usr –with-gd –enable-gd-native-ttf –without-gdbm –with-gettext –with-ncurses –with-gmp –with-iconv –with-jpeg-dir=/usr –with-openssl –with-pspell –with-regex=system –with-xmlrpc=shared –with-zlib –with-layout=GNU –enable-bcmath –enable-exif –enable-ftp –enable-magic-quotes –enable-sockets –enable-sysvsem –enable-sysvshm –enable-wddx –enable-memory-limit –with-pear=/usr/share/pear –with-ldap=shared –with-mhash=shared –with-mcrypt=shared –enable-bcmath –enable-shmop –enable-calendar –enable-mbstring=shared –enable-mbregex –with-apxs2=/usr/sbin/apxs –with-sqlite –with-pgsql –with-pdo-pgsql –with-mysqli=shared,/usr/bin/mysql_config –with-kerberos –with-imap –with-imap-ssl=/usr/include/openssl –with-mcrypt –with-xmlrpc –with-tidy –with-snmp –with-mysql=shared,/usr/bin/mysql_config –enable-dba –with-mhash –enable-soap –with-xsl –enable-mbstring –with-imap –with-imap-ssl –enable-inline-optimization –disable-debug –disable-ipv6

This command configures the build , if it complains about missing packages, install the relevant rpm or -devel rpm.

– Uninstall rpm’s if your previous install was rpm based.

Keep the base php rpm, plesk uses it to check if php is installed.

To show the installed php rpms:
rpm -qa | grep php-*

To remove a package
rpm -e –nodeps packagename

– to make and install the new build

make

This can take a while.

make install

– restart apache

service httpd restart

The new php version with the patches should now work.

Warning: doing this with older Plesk installs breaks webmail. See http://kb.parallels.com/en/3519 for the solution.