5 above, rate limit method has the advantage of preventing the outbound spam when it is sent from unrecognized PHP script and the amount of spam messages is low.
The solution consists of several separate ideas: A) limiting the number of message submits to nonexistent email addresses per hour, B) analyzing the PHP scripts which were used to send mails.
However, they focus on authenticated SMTP users, and no complete solution was found for emails sent from PHP scripts on shared web hosting environments.
Even though the regular expression list for detection of malicious PHP scripts detected all the files that were used to send unsolicited electronic mail, we are sure that more patterns exist and even more ways to hide PHP code will be created in the future.
The fact confirms that there is a need of a complete combined solution, which detects both the usage of malicious PHP scripts and rate limit of sends to non-existent email addresses.
The identification of malicious PHP scripts method was tested on a separate server to get the efficiency results without any influence from the previous detection method.
The identification of malicious PHP scripts method, which complements the first method of rate limiting sends to non-existent email accounts, also had no false positives and malicious scripts were found in all the paths reported.
A database tool to connect PHP scripts
and SQL databases, which eliminates switching between different development environments, increases productivity and also allows developers to execute SQL statements against the database while testing their code.