When I had a customer that was compromised, and flooded outbound, I
first stopped mail processing, found who the sender was, then
"manually" deleted them out of the queue such as this...
WARNING, do NOT do these commands unless you fully understand them!!
/etc/init.d/qmail queue | grep msimp | cut -d "#" -f 2- | cut -d " "
-f -1 > /root/spam.txt
updatedb
cat /root/spam.txt | xargs locate | xargs rm
And that deleted only the spams that were in the queue that were from
someone that matched "msimp".
Theres probably a more proper way to do it, but thats what I did... (shrug).
At 03:36 PM 6/25/2013, you wrote:
Emai server spamming
I have over 200 thousand in the out queue
Box must be compromised
Any thing We can do to block outgoing .
madmac
On 6/25/2013 12:09 PM, System Admin wrote:
Hi all,
Currently our mail mail server can only receive but not send any email.
What logs can I check,
and what might the problem be.
Thanks
---------------------------------------------------------------------
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
---------------------------------------------------------------------
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
---------------------------------------------------------------------
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
