Wednesday 9 December 2015

Exim commands


Shows the total no of email in qmail
  exim –bpc

Print a listing of the messages in the queue
  exim -bp

Shows no of frozen emails
  exim -bpr | grep frozen | wc -l

To remove FROZEN mails from the server
  exim -bp | exiqgrep -i | xargs exim -Mrm
  exiqgrep -z -i | xargs exim –Mrm

To shows the domain name and the no of emails sent   by that domain
  exim -bp | exiqsumm | more

Following command will show path to the script being utilized to send mail

  ps -C exim -fH eww
  ps -C exim -fH eww | grep home

  cd /var/spool/exim/input/
  egrep "X-PHP-Script" * -R

Check for spamming if anybody is using php script for sending mail through home

    tail -f /var/log/exim_mainlog | grep home

If anyone is spamming from /tmp

    tail -f /var/log/exim_mainlog | grep /tmp


To display the IP and no of tries done by the IP to send mail but rejected by the server.

    tail -3000 /var/log/exim_mainlog |grep ‘rejected RCPT’ |awk ‘{print$4}’|awk -F\[  '{print $2} '|awk -F\] ‘{print $1} ‘|sort | uniq -c | sort -k 1 -nr | head -n 5


Shows the  connections from a certain ip to the   SMTP server

   netstat -plan|grep :25|awk {‘print $5′}|cut -d: -f 1|sort|uniq -c|sort -nk 1


If  spamming from outside domain then you can block that domain or email id on the server

     pico /etc/antivirus.exim

Add the following lines:

    if $header_from: contains “name@domain.com”
    then
    seen finish
    endif

Following command will show you the maximum no of email currently in the mail queue have from or to the email address in the mail queue with exact figure.

    exim -bpr | grep “<*@*>” | awk ‘{print $4}’|grep -v “<>” | sort | uniq -c | sort -n


That will show you the maximum no of email currently in the mail queue have for the domain or from the domain with number.

    exim -bpr | grep “<*@*>” | awk ‘{print $4}’|grep -v “<>” |awk -F “@” ‘{ print $2}’ | sort | uniq -c | sort -n


Check if any php script is causing the mass mailing with

    cd /var/spool/exim/input
    egrep “X-PHP-Script” * -R

Just cat the ID that you get and you will be able to check which script is here causing problem for you.

To Remove particular email account email

    exim -bpr |grep “ragnarockradio.org”|awk {‘print $3′}|xargs exim -Mrm

Reading Email header

    exim -Mvh (ID)

To view a particular message body

     exim - Mvb(ID)

To view mails under a particular user

     exim -bp | grep alpha.com(domain)

To view the no of mails under a particular user

     exim -bp | grep alpha.com(domain) | wc -l

To  remove messages under the domain

      exiqgrep -f  (domain)  -i | xargs exim -Mrm

To clear the Mail queue
       
exim -bp | awk '/^ *[0-9]+[mhd]/{print "exim -Mrm " $3}' | bash  
Posted by at

1 comment:

  1. Blogger6 December 2016 at 18:45

    I've used Kaspersky Anti virus for a few years now, and I'd recommend this solution to all of you.

    ReplyDelete

Subscribe to: Post Comments (Atom)