Get your server issues fixed by our experts for a price starting at just 25 USD/Hour. Click here to register and open a ticket with us now!

Author Topic: Exim - Scripts to find the Origin of Spam mails in cPanel Server  (Read 6352 times)

0 Members and 1 Guest are viewing this topic.

vinodt

  • Guest
To get a sorted list of email sender in exim mail queue.

==========================================
# exim -bpr | grep "<" | awk {'print $4'} | cut -d "<" -f 2 | cut -d ">" -f 1 | sort -n | uniq -c | sort -n
=================================================================

 Script to check script that will originate spam mails:
==================================================================
# grep "cwd=/home" /var/log/exim_mainlog | awk '{for(i=1;i<=10;i++){print $i}}' | sort | uniq -c | grep cwd | sort -n
 
 # awk '{ if ($0 ~ "cwd" && $0 ~ "home") {print $3} }' /var/log/exim_mainlog | sort | uniq -c | sort -nk 1
 
 # grep 'cwd=/home' /var/log/exim_mainlog | awk '{print $3}' | cut -d / -f 3 | sort -bg | uniq -c | sort -bg
===================================================================

In order to find “nobody” spamming, issue the following command
==================================================================
# ps -C exim -fH ewww | awk '{for(i=1;i<=40;i++){print $i}}' | sort | uniq -c | grep PWD | sort -n
===================================================================

summary of mails in the mail queue.
======================================================
exim -bpr | exiqsumm -c | head
======================================================

Regards,

Vinod T K