Koozali.org: home of the SME Server
Obsolete Releases => SME 7.x Contribs => Topic started by: besterl on July 25, 2008, 04:13:22 PM
-
I am sure that on more than one occasion you guys have (like myself) run into a situation where you had to clear a lot of junk out of the qmail queue and then try to reinstate the mail queue.
This is just a short howto and tips as to the way I do it - hope it might help someone. Please feel free to comment and add some info.
I am writing this for newbies as well - so please do not think I am patronizing in any way. (Some days I still feel like a noob)
The reason for this howto is that I have found numerous solutions and it is always a hunt and peck, and installing this and that.
Everything you need is right there on your server.
OK - I will start off with a scenario.
A user gets infected with a mail virus before the clam could update it's signatures to catch this offending signature.
By the time you get to the server there is thousands of mails in the outgoing queue, 99% percent of them junk.
Here is what I do (have done before)
First - stop the qmail service (this is what everyone will tell you - but I have done this without stopping the queue - usually after hours)
Now let us find the offending machine - if you have not done so already.
Go to /var/log/qpsmtpd and view the current log file
If you don't know how
Method one - open the server-manager - Select View log files and pick qpsmtpd/current
Method two - connect via putty and type cat /var/log/qpsmtpd/current | more
Looking at this info you can quickly see the offending IP by looking at "accepted connection x/xx from IP address.
If you see a lot of mail coming from a single IP - you can be 99% sure that this is the offending IP address.
The next step is to get all those offending messages from the queue. You might lose one or two valid ones - but we are in crisis mode and you can always ask the user to send them again - "Looking at their Sent Items on their mail client"
Still being logged in under putty as root go the the qmail spool folder
cd /var/qmail/queue
Now we grep to remove the offending messages as follows
grep -i -l -R "xxx.xxx.xxx.xxx" * | xargs rm -f -r -v
Substitute the xxx.xxx.xxx.xxx with the offending IP address
Now this will screw up the mail queue - but do not worry - we will fix it shortly
All that remains in the /var/qmail/queue/mess folders are mail from the other users.
Using a tool like mc (Midnight Commander) or even linux commands - move all the remaining messages into a seperate folder on your disk
I usually create a folder called reinject under root and move all the messages there
If you are very brave - you can now look in the server manager under mail log files / outgoing mail again and you will see thousands of file not found errors. Not to worry.
The next step is to remove all the info and remote as well as local files.
Using putty
cd /var/qmail/queue/info
grep -i -l -R "F" * | xargs rm -f -r -v
cd /var/qmail/queue/local
grep -i -l -R "T" * | xargs rm -f -r -v
cd /var/qmail/queue/remote
grep -i -l -R "F" * | xargs rm -f -r -v
You now have a brand spanking new clean mail queue
Restart your mail services if you have stopped them
We have one thing left to do - getting all the valid mails back into the queue.
Like I said - I create a folder under root called reinject - so lets go there
Still using our putty interface
cd /root/
ls reinject > out.log
This will create a file called out.log with all the names of the messages that needs to be reinjected.
Copy this file to the reinject folder
cp out.log reinject
Now go to the specific folder and create a small script (This I borrowed)
Feel free to cut and paste
vi inject
Press the Insert key here so you can type info into this file.
Select the following and right-click Copy
open(IFILE, "out.log");
my $line=<IFILE>;
while($line)
{
chomp($line);
my $com= "cat $line | /var/qmail/bin/qmail-inject";
print "$com\n";
$line=<IFILE>;
}
close(IFILE);
Right click in your putty session to paste all this info into your newly created file
Press Esc and then :wq
This will write your file and quit vi (an editor)
Now we must get the info from this script
Perl inject
This will create the full commands needed to inject (reinject) the mail back into qmail
Select this output by dragging your mouse over it all and right click to paste it to the putty command line
Press Enter and watch the mail pour back into your mail queue - instead of doing it one by one
Like I said - this is my simple way of doing it - if anybody can improve or automate this - please feel free
We might end up doing something like cleanqueue 192.168.0.100 to remove all messages from 192.168.0.100 from the queue
Thanks