Archive for the tag 'LF_SCRIPT_ALERT'

SBDavid

csf LF_SCRIPT_ALERT option

csf LF_SCRIPT_ALERT option

This option will notify you when a large amount of email is sent from a particular script on the server, helping track down spam scripts.

Spam Protection Alerts

If you want to add some spam protection, CSF can help. Look in the configuraiton for the following:

LF_SCRIPT_ALERT = 0 change this to 1. This will send an email alert to the system administrator when the limit configured below is reached within an hour.

LF_SCRIPT_LIMIT = 100 change this to 250. This will alert you when any scripts sends out 250 email messages in an hour.

This setting will then send an alert email if more than LF_SCRIPT_LIMIT lines appear with the same cwd= path in them within an hour. This can be useful in identifying spamming scripts on a server, especially PHP scripts running under the nobody account. The email that is sent includes the exim log lines and also attempts to find scripts that send email in the path that may be the culprit.

LF_SCRIPT_ALERT = “0″

The limit after which the email alert for email scripts is sent. Care should be taken with this value if you allow clients to use web scripts to maintain pseudo-mailing lists which have large recipients.

LF_SCRIPT_LIMIT = “100

Reference: http://www.configserver.com