Top Nav

Log Email Senders

Often hackers will use a compromised website to sent large amounts of spam email. On a shared server with many websites, it can be hard to tell which site and script is sending the spam. Here’s a procedure for Qmail that will (a) add a header with the script path and (b) create a log file of senders.

1. Create file at /var/qmail/bin/sendmail-wrapper with the following contents:

2. Set permissions on wrapper:

3. Move sendmail binary

4. Symlink the wrapper into place:

The log file will be create at /tmp/mail.send.