On 25 Sep 2019, at 15:43, necktwi via Exim-users <exim-users@exim.org> wrote:
> How to run recovery? I tried rm -rf /var/spool/exim/db/* and started the exim

That’s one perfectly valid way, although there are others specific to the 
Berkeley DB tools you have installed (or can install).

However:

> These messages are being flooded every second! How did i...@lee.org pipeline 
> mail to yahoo from my server? I didn't send any mail to any gmail user and 
> how come my exim server is pipelining a request to gmail server every second?

You need to look at your logs in more detail, for the lines containing ‘ <= ’. 
That’ll show from where the messages are arriving.

It’s almost certainly going to be one of the following in decreasing order of 
likelihood but increasing seriousness:

1. Compromised account using SMTP Auth
2. Compromised account using webmail
3. Configuration allowing open relay
4. Configuration allowing relay from a box which has been compromised
5. Compromised account running arbitrary code on your box

Graeme
-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
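
Added example (not part of the message above): one way to do the log check Graeme describes, grouping the ' <= ' arrival lines of an Exim main log by where the message came from. The log lines are constructed samples, and the category names and the `field`, `classify` and `summarize` helpers are hypothetical; `A=`, `H=` and `U=` are the standard Exim log fields.

```python
import re
from collections import Counter

# Constructed sample mainlog lines (not taken from the thread).
SAMPLE_LOG = """\
2019-09-25 15:40:01 1iD7Xy-0001Ab-2C <= spam@example.net H=(pc) [198.51.100.7] P=esmtpsa A=plain_login:bob@example.org S=2210
2019-09-25 15:40:02 1iD7Xz-0001Ac-3D <= spam@example.net H=(pc) [198.51.100.7] P=esmtpsa A=plain_login:bob@example.org S=2198
2019-09-25 15:40:03 1iD7Y0-0001Ad-4E <= www-data@mail.example.org U=www-data P=local S=911
2019-09-25 15:40:04 1iD7Y1-0001Ae-5F <= x@example.com H=relay.example.com [203.0.113.9] P=esmtp S=1500
2019-09-25 15:40:05 1iD7Y1-0001Ae-5F => someone@example.com R=dnslookup T=remote_smtp H=mx.example.com [192.0.2.25]
"""

def field(rest, name):
    """Return the value of a NAME=value log field, or None."""
    m = re.search(r"(?:^| )" + re.escape(name) + r"=(\S+)", rest)
    return m.group(1) if m else None

def classify(line):
    """Map one '<=' arrival line to (category, key); None for other lines."""
    m = re.search(r" <= (\S+)(.*)$", line)
    if not m:
        return None
    sender, rest = m.groups()
    auth = field(rest, "A")      # authenticator_name:authenticated_id
    if auth:
        return ("smtp-auth", auth)
    ip = re.search(r"\[([0-9A-Fa-f:.]+)\]", rest)  # remote host address
    if ip:
        return ("remote-host", ip.group(1))
    user = field(rest, "U")      # local submission under this login
    if user:
        return ("local-user", user)
    return ("unknown", sender)

def summarize(log_text):
    """Count arrivals per source so the noisiest one stands out."""
    return Counter(c for c in map(classify, log_text.splitlines()) if c)

if __name__ == "__main__":
    for (category, key), n in summarize(SAMPLE_LOG).most_common():
        print(f"{n:6d}  {category:12s} {key}")
```

As an assumption about how the output maps onto the list above: a dominant `smtp-auth` key points at case 1, a `remote-host` key at cases 3 or 4, and a `local-user` key at cases 2 or 5 (webmail commonly submits locally or from 127.0.0.1).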
