If your server suffers from a spamming attack through an exploited web site or any other means it is probable that you want to delete all offending mails. Below we provide a very useful script which does exactly this. It scans through your mail queues and deletes all mail that match the sended or the recipient address you specify. In order to use it login to your server using SSH and execute the command:
vi /bin/cleanqueues
You are now in the vi editor. Press the key i and notice the alarm “— INSERT —” at the bottom of your terminal. Now copy and paste the following lines:
#!/bin/sh
if [ $1 ]; then
echo "`exim -bpru | tr '\n' + | sed -e "s/++/=/g" | tr -d + | tr = '\n' | grep "$1" | awk {'print $3'} | xargs exim -Mrm | wc -l` E- Mails deleted"
else
echo "To delete ALL the `exim -bpc` E-Mails on mail queue, give this command:"
echo "exim -bpru | awk {'print $3'} | xargs exim -Mrm"
echo ""
echo "If you want to delete only mails with an specific sender/recipient, use:"
echo "$0 [sender/recipient]"
fi
Press the key ESC and then :wq . Now that you have returned to your shell, execute the command:
chmod 700 /bin/cleanqueues
The script is ready. You can execute it and pass it as an argument the email address either of the sender or the receipient, for example:
cleanqueues [email protected]
It down not work because it looks for the exim.conf file on the /etc/ directory, and there is none in there buecause it is chrooted somewhere else.
Any ideas how to make it run ?
Thanks in advance for your cooperation
You should run the command within the chrooted environment and you should be ok!
How can I do that, run the shell within the chroot enviroment ?