To check the number of emails present in the queue:
# exim -bpc
To check the emails present in the queue with the mail id and sender ID:
# exim -bp
# exim -bp | less
To view the header of a particular email using mail ID:
# exim -MvH mail_id
To view the body of a particular email using mail ID:
# exim -Mvb mail_id
To view a message’s logs:
# exim -Mvl mail_id
To trace path:
# exim -d -bt user@domain.com
To get sorted list of email sender in exim queue:
# exim -bpr | grep "<" | awk {'print $4'} |cut -d "<" -f 2 | cut -d ">" -f 1 | sort -n | uniq -c| sort -n
To check the script that will originate spam mails:
# grep "cwd=" /var/log/exim_mainlog|awk '{for(i=1;i<=10;i++){print $i}}'|sort| uniq -c|grep cwd|sort -n
If we need to find out exact spamming script. To do this, run following command:
# ps aux | grep user | grep --color=always "/home/user/public_html/templates/" | head
To delete the emails of a specific user:
# grep -lr 'user@domain.com' /var/spool/exim/input/ | sed -e 's/^.*\/\([a-zA-Z0-9-]*\)-[DH]$/\1/g' | xargs exim -Mrm
# exim -bp | grep "user_email-account" | awk '{print $3}' | xargs exim -Mrm
To delete Frozen emails from the email queue:
# grep -R -l '*** Frozen' /var/spool/exim/msglog/*|cut -b26-|xargs exim -Mrm
# exim -bp| grep frozen | awk '{print $3}'| xargs exim -Mrm
# exiqgrep -z -i | xargs exim -Mrm
To delete Spam emails from the email queue:
# grep -R -l [SPAM] /var/spool/exim/msglog/*|cut -b26-|xargs exim -Mrm
To check the no. of frozen mails:
# exiqgrep -z -c
To check exim logs:
# tail -f /var/log/exim_mainlog
Force delivery of one message:
# exim -M mail_id
Force another queue run:
# exim -qf
Force another queue run and attempt to flush frozen messages:
# exim -qff
To clear just one email:
# exim -Mrm mail_id
Check the subjects of the emails:
# exiqgrep -i |awk '{ print "exim -Mvh "$1 }' |sh |grep -i Subject
Delete the email which content some string in the message body
# grep -lr 'photos to album' /var/spool/exim/input/ | sed -e 's/^.*\/\([a-zA-Z0-9-]*\)-[DH]$/\1/g' | xargs exim -Mrm
To get a sorted list of email sender in exim mail queue.
==========================================
# exim -bpr | grep "<" | awk {'print $4'} | cut -d "<" -f 2 | cut -d ">" -f 1 | sort -n | uniq -c | sort -n
=================================================================
Script to check script that will originate spam mails:
==================================================================
# grep "cwd=/home" /var/log/exim_mainlog | awk '{for(i=1;i<=10;i++){print $i}}' | sort | uniq -c | grep cwd | sort -n
# awk '{ if ($0 ~ "cwd" && $0 ~ "home") {print $3} }' /var/log/exim_mainlog | sort | uniq -c | sort -nk 1
# grep 'cwd=/home' /var/log/exim_mainlog | awk '{print $3}' | cut -d / -f 3 | sort -bg | uniq -c | sort -bg
===================================================================
In order to find “nobody” spamming, issue the following command
==================================================================
# ps -C exim -fH ewww | awk '{for(i=1;i<=40;i++){print $i}}' | sort | uniq -c | grep PWD | sort -n
===================================================================
summary of mails in the mail queue.
======================================================
exim -bpr | exiqsumm -c | head
======================================================
