I have server with CPanel.
I have phpsuexec installed (from CPanel).

But when I tried to send email from php script it sent from "nobody" but not from user account.

Anybody can help me?

WHM - "Tweak Settings" (I think) - Enable to option to prevent email sent from user nobody

Just to let you know that if that option is clicked most php scripts will be unable to send emails. This doesn't force it to use an account it just makes it so that "nobody" is not a valid email address to be sent from.

turning on this option is vulnerable to hack?

Turning on this option allows PHP/CGI scripts to send email from the nobody user. Yes if not properly looked after(disabling specfic files, firewall, and the like) it can cause either a attack from a non-authorized user or open up the ability to send spam from your server.

Cpanel has SuExec installed. This is for Cgi-scripts not php.

You need to recompile apache with phpsuexec

Thank you!

Is there any way to send email from nobody after recompilation?
Anything should be done by me additionally?

After recompilation be sure to enable the option in WHM to prevent email sent from user nobody.

Then it must be oke

Use /scripts/easyapache option 6 yo recompile.

Martin:D

Thank you!!

After you've done this it means email sent out from PHP/CGI scripts will be send out using the persons username and NOT nobody?

So scripts won't break correct?
Please clarify

Scripts wont break.

However some scripts just would not work anymore.
The reason of this is mostly that the script is not safe.

On most Apache servers, PHP runs as an Apache Module. As such, it runs directly in the user Nobody, but doesn't require the execute flag.

This means that in order to execute a PHP file, it simply needs to be world readable.

The problem is that this allows every other users on the server to read your PHP files !

Many scripts use a PHP file to store a database username and password. This means that on another server every client could read your PHP files, retrieve your password and access your databases

PHPsuexec executes PHP scripts under your username.

As such, instead of using everyone's permissions it uses the owner's permissions.

You can thus change the permissions of your PHP scripts to : 0700 or 0400 and still be able to read and execute them. However, these scripts will no longer be accessible to any other users.

In fact, PHPsuexec will refuse to execute a script if it is world-writtable to protect you from someone abusing one of your scripts.

Hope this helps

yes, email now sent from username, I checked this.

What if I have no /scripts/easyapache ?

How can I rebuild apache with PHPSUEXEC ?

/scripts/easyapache is only for cpanel servers, if you don't have that you'll need to download the apache sources files from apache.org

any help with it?
how to rebuild it?
I did not find proper information.
I tried many things.

Google is your best friend:

php suexec install

http://www.debianhowto.de/howtos/en/php_cgi/

Thank you VERY much!