5kits zhao

Spam and exim commands

Spamming

Spamming can be either incoming or outgoing.

Incoming spamming might be concentrated to some domain or some email accounts.

Most of any incoming spamming is caused due to the catch-all being set as main account. If the catch-all for your domain is set to main account, set it as fail.

How to set catch-all for new domains in Cpanel server:

WHM >>Main >> Server Configuration >> Tweak Settings: Under Mail section

Default catch-all/default address behavior for new accounts. “fail” is usually the best choice if you are getting mail attacks.

Also, enable RBL and spamassasin options in WHM >> Main >> Exim Configuration

For outgoing spamming, some users may be using (knowingly or otherwise) some PHP scripts to try to send spam mails. You can find the source of PHP scripts using the command ‘ps -C exim -fH ewww |grep home’.

Preventive measures for spam blocking include:

  • Limit the emails that can be sent.
  • Tweak Mail settings as Follows:  WHM >>Main >> Server Configuration >> Tweak Settings: Under Mail section
  • The maximum each domain can send out per hour (0 is unlimited) : 300

Some helpful exim commands include:

exim -bp          (For showing queue)
exim -bpc          (Count of mail queue)
ps -C exim -fH ewww (For finding script sources )
exim -bp |exiqsumm (To get full exim queue summary )
exiqgrep -z -i | xargs exim -Mrm (Remove all frozen messages)

Leave a Reply