Qmailers,
Today i got into work to be faced with a local queue of 17000 odd messages.
We were spammed by an american company who offered cheap university
diploma's.
Anyhow.. this is what i did to remove the messages and was wondering if
anyone has a better alternative:
1. killed qmail-send
2. found out that the spam message contained "UNIVERSITY DIPLOMA" somewhere
within the mail
3. went into /var/local/queue/mess and did a grep on all files for
"UNIVERSITY DIPLOMA"
4. piped these to /tmp/messagenumbers which contained a list of 17000 odd
message id numbers of spammed mail
5. opened up three terminals to machine running qmail, one in
/var/qmail/queue/info, one in /var/qmail/queue/local and one in
/var/qmail/queue/mess and wrote a for loop to remove all the files that were
in the /tmp/messagenumbers file
6. restarted qmail-send and everything was okay again, queue was back down
to a couple of hundred mails which were cleared in 10 minutes or so
I originally tried using the qmhandle.cgi script that is floating around..
that works fine, however looking at the cgi it is obvious it takes time to
decide whether the mail is local or remote... and seeing as i knew these
were all in the local queue, i didn't have that time, i just had to remove
the mails myself.
Can anyone see if there is anything i've done wrong here?
Regards,
Marc-Adrian Napoli
Network Administrator
Connect Infobahn Australia
+61 2 9281 1750
