@jiphex
Last active August 29, 2015 14:05
Gist jiphex/7e1fd0878d517345e882
Deny mail from PHP scripts owned by the www-data user
## This is supposed to find (and freeze in the queue) any messages which are sent from
## PHP scripts that are owned by the www-data user, so it should stop someone from executing
## the following common attack scenario:
##
## 1. Malicious person finds an exploitable upload form on a website that allows writing
##    arbitrary PHP files to the web root of the server
## 2. Person uploads a PHP script used to send out email spam
## 3. Person executes that script either with exec() or via the web browser to send out spam
##
## This ACL should mean that messages just get stuck in the queue. A legitimate developer will
## have a login as another user on the server, and can use PHP to send out email just by setting
## the owner of their scripts to be anything other than www-data.
##
## ~ James 2014-08-07

## NOTE: THIS LINE HAS TO GO IN A DIFFERENT PLACE
## This goes in the main configuration section (before the first "begin"), not inside the ACLs
# this isn't a typo: define that the ACL for non-SMTP (local) mail is the list named "acl_not_smtp"
acl_not_smtp = acl_not_smtp

## NOTE: This section goes in the ACL section (after "begin acl")
# define the ACL named "acl_not_smtp"
acl_not_smtp:
  # PHP's mail() adds "X-PHP-Originating-Script: <uid>:<script>" only when mail.add_x_header = On
  # in php.ini; a script that speaks SMTP directly never passes through this non-SMTP ACL.
  # The 33 below is the UID of the www-data user on Debian boxes; extract field 1 (before the
  # first ":") of the header and compare it to that UID.
  warn  condition   = ${if eq{33}{${extract{1}{:}{$h_X-PHP-Originating-Script:}}}}
        # on a "warn" verb a bare "message" is treated as a header line to add, so log the reason instead
        log_message = Not allowing mail to be sent from a script owned by www-data (spam?)
        # we just freeze the message so we can inspect it later
        control     = freeze
  accept
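To check the decision logic offline before touching a live Exim, here is an added Python example (not part of the gist) that mimics the ACL's extract/eq test on constructed messages; the sample messages, the `DENIED_UIDS` set and the function names are assumptions made for the example, and the `<uid>:<script>` header format is the one PHP's mail() writes when mail.add_x_header is on.

```python
from __future__ import annotations

import email
from email.message import Message

# UID of www-data on Debian, matching the "33" hard-coded in the ACL (assumption: a set, so
# more UIDs can be denied if the box runs several web users)
DENIED_UIDS = {"33"}

# Constructed sample messages (not real mail) in the "<uid>:<script path>" header format
# that PHP's mail() adds when mail.add_x_header=On.
SAMPLES = {
    "www-data":   "From: a@example.test\nX-PHP-Originating-Script: 33:/var/www/html/up.php\n\nhi\n",
    "developer":  "From: b@example.test\nX-PHP-Originating-Script: 1000:/home/dev/send.php\n\nhi\n",
    "no-header":  "From: c@example.test\n\nhi\n",
    "odd-header": "From: d@example.test\nX-PHP-Originating-Script: 33\n\nhi\n",
}


def exim_extract_first(value: str, sep: str = ":") -> str:
    """Mimic ${extract{1}{:}{...}}: the text before the first separator.
    When the separator is absent the whole string is field 1, as in Exim."""
    return value.split(sep, 1)[0]


def acl_not_smtp(raw: str) -> tuple[str, str | None]:
    """Return ("freeze", reason) or ("accept", None) for one raw message,
    following the warn/condition -> control=freeze -> accept sequence of the ACL."""
    msg: Message = email.message_from_string(raw)
    hdr = msg.get("X-PHP-Originating-Script", "").strip()   # missing header -> ""
    uid = exim_extract_first(hdr)
    if uid in DENIED_UIDS:
        return ("freeze", f"script owned by uid {uid} ({hdr})")
    return ("accept", None)


def run_samples() -> dict[str, str]:
    """Verdict per sample, so the table can be eyeballed or asserted on."""
    return {name: acl_not_smtp(raw)[0] for name, raw in SAMPLES.items()}


if __name__ == "__main__":
    for name, verdict in run_samples().items():
        print(f"{name:>10}: {verdict}")
```

Note that "odd-header" is frozen too: with no ":" in the value, Exim's extract returns the whole string as field 1, so a bare "33" still matches.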