Koozali.org: home of the SME Server
Obsolete Releases => SME Server 9.x => Topic started by: jameswilson on May 18, 2017, 04:32:36 PM
-
My server has had one of its user accounts compromised. I have found it and reset the password and also installed fail2ban (was installed but wasnt running) to prevent this again.
But i now have a huge queue of messages unable to be sent. I want to remove them all but the threads on the forum seem to be for older versions or look risky.
Is there a simple command I dont mind loosing all of them as they are all spam.
James
-
yum --enablerepo=smecontribs install smeserver-qmHandle
you can then use the web page to manage qmail queue or che CLI
HTH
-
Or, there's the quick'n'dirty way:
sv d /service/qmail
mv /var/qmail/queue /var/qmail/queue.spam
yum -y reinstall qmail
signal-event email-update
-
interesting trick, thank you
-
Or, there's the quick'n'dirty way:
sv d /service/qmail
mv /var/qmail/queue /var/qmail/queue.spam
yum -y reinstall qmail
signal-event email-update
Superb solved my issue. Thanks
-
Superb solved my issue. Thanks
Be aware there may have been some innocent victims of that. Some messages from non-compromised accounts may still be sitting in the old queue. i would purge the old queue of messages from the compromised account, and see what is left.
find and grep will be your friends here.
-
Be aware there may have been some innocent victims of that. Some messages from non-compromised accounts may still be sitting in the old queue. i would purge the old queue of messages from the compromised account, and see what is left.
find and grep will be your friends here.
agreed but in my case I'm happy if a few genuine outbounds were lost then so be it.
As a side note or question, can something like fail2ban be included by default but with looser settings than default. Even better a fail2ban menu in server manager with disabled, low, medium, high settings etc?
-
Qmhandle has a grep function, works great to purge multiples copies at once and leave only few mails for manual checking.