This is more a note for myself than anything else ...
By default a lot of php scripts will send emails that appear as coming from the Apache user, which makes tracking down a rogue script really annoying and time-consuming.
You end up with entries in the mail logs similar to this one:
Apr 27 18:22:29 servername postfix/qmgr: 0F53421C1FA: from=<firstname.lastname@example.org>, size=929, nrcpt=1 (queue active)
Which isn't particularly helpful if you have more than one site (vhost) on a particular server.
Making it a bit saner can be done via a simple addition to the Apache vhost config:
php_admin_value sendmail_path '/usr/sbin/sendmail -t -i -f email@example.com'
So now any emails sent from that vhost will reference the email specified instead of the Apache user:
Apr 27 19:40:34 servername postfix/qmgr: 16A8F21C1FA: from=<firstname.lastname@example.org>, size=358, nrcpt=1 (queue active)
There are other additions to Php that can log the path to the script itself, though until such time as someone makes it available for Debian / Ubuntu I don't really fancy having to compile it in manually