[BlueOnyx:10260] Re: Trojans and backdoors? - Suggested BlueOnyx improvement

Maurice de Laat mdlaat at muisnetwerken.nl
Fri Apr 20 10:54:01 -05 2012


Hi Michael,

On Fri, Apr 20, 2012 at 04:27:43PM +0200, Michael Stauber wrote:

> The PHP related email activity was still logged via 
> /usr/sausalito/sbin/phpsendmail, so I can say that a "php_admin_value 
> sendmail_path" setting in a siteX.include file will now be ignored and 
> the one in the siteX file takes precedence.

Thanks for getting that clear!

> ... so there is no "-f" specified. But that is done for a reason, because do 
> we really need to hard wire a sender address? I say: NO! And see below why.
> 
> In fact the "missing" or "wrong" sender address is due to wrong usage of the 
> mail() command.

Yup. You are correct when saying that this is due to wrong usage or wrong
programming. And yes, errors should be fixed at the root, and not 
somewhere higher up in the chain. Couldn't agree more! However...

In an ideal world no programmer would make this error and administrators 
of servers don't get bothered with unneeded messages in their mailbox, 
which are a result of this error. The programmer has almost no negative 
side-effects of this error. It is the administrator that has.

The real world is not ideal :( For me it is impossible to get every 
programmer that codes a php script that's running on one of my servers to 
correct his error. Very often, I don't have a clue who the programmer was. 
I rent the webspace to my customer, who in turn might hire a programmer to 
code the website, etc.

We check e.g. input boxes in a GUI (also in the BX GUI) because the user 
might put in something that doesn't belong there. That also is not our 
fault, but still we check for it. And we should. Because these checks 
prevent further errors in the chain, and eventually make our lives easier 
because we get fewer support calls or, in this proposed case, get fewer 
unwanted emails.

Just my thoughts.
-- 
Maurice de Laat


