Can't get my forms to mail to emails not located on my server.

[fireineyes]

Can't get my php forms to mail to emails not located on my server. What would be there reason for this? Some of the failed messages say that the user 'nobody" can't send emails. Is it dangerous to allow user 'nobody' to email? I figure it is. Here is my php code..

//$contact is name of person filling out form
//$em is email address of person filling out form
$to = "\"$contact\"<$em>";
 
$headers = "From: \"MYDOMAIN.com\"<[email protected]>";

if (!$em==""){
mail( "[email protected]", "$subject", "$message", "$headers");

mail( "\"Rick\"<[email protected]>,\"Webmaster\"<[email protected]>", "$subject", "$info", "From: \"$contact\"<$em>");

I gathered one email that said this...

This message was created automatically by mail delivery software.

A message that you sent could not be delivered to one or more of its
recipients. This is a permanent error. The following address(es)
 failed:

  [email protected]
    Mail sent by user nobody being discarded due to sender restrictions
 in WHM->Tweak Settings

------ This is a copy of the message, including all the headers. ------

Return-path: <[email protected]>
Received: from nobody by server1.myserver.com with local (Exim
 4.63)
	(envelope-from <[email protected]>)
	id 1IYW7f-0000Ml-BF; Thu, 20 Sep 2007 19:11:55 -0500
To: [email protected]
Subject: Wholesale Sign Builders Application
From:[email protected]
To:[email protected]
MIME-Version: 1.0
Content-Type: multipart/mixed;
Message-Id: <[email protected]>
Sender: Nobody <[email protected]>
Date: Thu, 20 Sep 2007 19:11:55 -0500

I just want to be able to mail a form to [email protected] or [email protected] off the server. Can anyone give me some pointers?

 

[sparek-3]

You probably have your server set up to disallow sending out mail as the nobody user but then don't have PHP compiled as CGI.

If PHP is running as an Apache module, this basically means that every message sent out through a PHP script on the server will be send out using an envelope-sender of [email protected].

You might alleviate this in the short term by using:

mail( "\"Rick\"<[email protected]>,\"Webmaster\"<[email protected]>", "$subject", "$info", "From: \"$contact\"<$em>","-f" . $em);

Which basically forces sendmail to use whatever $em is as the envelope-sender.

The envelope-sender is the address that a bounce message will go to should there be problems delivering the message. Its probably a good practice to use the -f parameter in a sendmail system.

 

[fireineyes]

How do I have PHP compiled as CGI?

So if I approach the long term solution, what do you suggest? I am pretty green at this stuff so bear with me. How do I have PHP compiled as CGI? Any suggestions?

 

[sparek-3]

I'm really not sure any more. I think they have changed the way easyapache works. Used to be you could just run /scripts/easyapache from the command line and select an option with phpsuexec enabled, depending on how much customization you wanted. But I'm not sure if they are using phpsuexec any more and I'm not sure what the new easyapache looks like. Perhaps someone with more knowledge of the recent easyapache changes could provide more help in this area.

Alternatively you can log into the WHM as root and under Tweak Setting, uncheck the option of prevent nobody from sending out mail. This will allow PHP to send out mail as the nobody user with PHP compiled as an Apache module.

 

[fireineyes]

Is that a dangerous option?

Is that a dangerous option? Allowing nobody?

 

[fireineyes]

Explain this line..

This will allow PHP to send out mail as the nobody user with PHP compiled as an Apache module

Especially the last part stating.. PHP compiled as an Apache module

Do I go into Easyapache? or do it from WHM?

 

[cPanelDavidG]

This will allow PHP to send out mail as the nobody user with PHP compiled as an Apache module

Especially the last part stating.. PHP compiled as an Apache module

Do I go into Easyapache? or do it from WHM?

Note that /scripts/easyapache and WHM -> Software -> Apache Update are merely different interfaces for the same EasyApache functionality.

 

[cPanelDavidG]

Is that a dangerous option? Allowing nobody?

Potentially. If you allow people to send as user nobody and then one of your user's scripts is exploited to send spam, you wont know which user is sending the mail. As a result, it can take a while to track down while your server is spewing spam and being blacklisted as a spam server.

Having mail sent as the user will mean you can see in the mail queue who is sending mail and if they're sending spam, you know to suspend that user's account and inform them that their script has been exploited and they need to correct that.

 

[cPanelDavidG]

I'm really not sure any more. I think they have changed the way easyapache works. Used to be you could just run /scripts/easyapache from the command line and select an option with phpsuexec enabled, depending on how much customization you wanted. But I'm not sure if they are using phpsuexec any more and I'm not sure what the new easyapache looks like. Perhaps someone with more knowledge of the recent easyapache changes could provide more help in this area.

Alternatively you can log into the WHM as root and under Tweak Setting, uncheck the option of prevent nobody from sending out mail. This will allow PHP to send out mail as the nobody user with PHP compiled as an Apache module.

In EA3, phpSuExec support has been dropped entirely in favor of SuPHP. To enable this, when you get to Profile :: Apache :: PHP Main :: PHP Specific :: Basic, ensure Mod SuPHP Build PHP with "CGI" and "Force CGI Redirect" is selected. If you do not see that option, select "Advanced Configuration" to see it and be able to select it.