Spam and exim commands
Spamming
Spamming can be either incoming or outgoing.
Incoming spamming might be concentrated to some domain or some email accounts.
Most of any incoming spamming is caused due to the catch-all being set as main account. If the catch-all for your domain is set to main account, set it as fail.
How to set catch-all for new domains in Cpanel server:
WHM >>Main >> Server Configuration >> Tweak Settings: Under Mail section
Default catch-all/default address behavior for new accounts. “fail” is usually the best choice if you are getting mail attacks.
Also, enable RBL and spamassasin options in WHM >> Main >> Exim Configuration
For outgoing spamming, some users may be using (knowingly or otherwise) some PHP scripts to try to send spam mails. You can find the source of PHP scripts using the command ‘ps -C exim -fH ewww |grep home’.
Preventive measures for spam blocking include:
- Limit the emails that can be sent.
- Tweak Mail settings as Follows: WHM >>Main >> Server Configuration >> Tweak Settings: Under Mail section
- The maximum each domain can send out per hour (0 is unlimited) : 300
Some helpful exim commands include:
exim -bp (For showing queue)
exim -bpc (Count of mail queue)
ps -C exim -fH ewww (For finding script sources )
exim -bp |exiqsumm (To get full exim queue summary )
exiqgrep -z -i | xargs exim -Mrm (Remove all frozen messages)