Exim Mail removal using script

Exim Mail removal using script

If an Exim based mail server suffers from a spammer attack through an exploited web site or a script, it is required to delete all the offending mails of the spammer.

You can use the below mentioned script which does exactly the required. The mentioned script will scan through your server’s mail queue and deletes all the mail that match the sender or the recipient address that you specify.

In order to use the script, please login to your server via the SSH and execute the below mentioned command:

vi /bin/queuesweep

Press the key i and notice the message “—- INSERT -—” at the bottom of your window or terminal. Now you can copy and paste the below mentioned lines:

Click here to READ MORE

Track spammer in Qmail

Track spammer in Qmail

Track down the spammer in Qmail mail server:

1. Make sure that all domains have the Mail to nonexistent user option set to Reject.This option is available since Parallels Plesk Panel 7.5.3 and can be changed for all the domains using group operations: select the domains, click Modify Selected, in the Preferences section select Switch on for the Mail to nonexistent user option and select the Reject value for it.

2. Make sure that there are no untrusted IP addresses or networks in the white list.To do this, go to Home > Mail Server Settings > White List tab. To remove untrusted IP addresses or networks, select them in the list and click Remove Selected.

Look at the qmail queue for the number of mails. If the mail count too high, then it means, some spammer is roaming over there.

# /var/qmail/bin/qmail-qstat
messages in queue: 111976
messages in queue but not yet preprocessed: 0

From the qmail-qstat results we can see a huge mails are there in the queue. Next step is to identify the domain from which the mail is generating.

Click here for more

Exim Mail Server Tips

Exim Mail Server Tips