Exim Mail Queue Soaked
Nov 17, 2007
centos
2gigs ram
cpanel whm
Anyway after complaints of "mail not being sent" I looked at a few things, found over 25,000 messages stuck in the queue. The messages no being sent thing is yahoo blocking me because of too many mails sent to their servers without a valid recipient.
When I empty the queue it gathers about 200 mails an hour. Looks like it is coming from all over the world and they are using a valid ip from one of the domains hosted for sending.
Bear with me I was reselling for years and this is my first real dedicated server.
Reverse DNS is set up. I need a couple clues.
View 10 Replies
ADVERTISEMENT
Dec 18, 2007
I get dozens of these per minute in exim mail queue
Quote:
1J4neJ-0001DS-Ns-H
mailnull 47 12
<>
1198027383 0
-ident mailnull
-received_protocol local
-body_linecount 33
-max_received_linelength 115
-allow_unqualified_recipient
-allow_unqualified_sender
-localerror
XX
1
root@server.mydomain.com
154P Received: from mailnull by server.mydomain.com with local (Exim 4.68)
id 1J4neJ-0001DS-Ns
for root@server.mydomain.com; Tue, 18 Dec 2007 19:23:03 -0600
038 X-Failed-Recipients: admin@domain.com
029 Auto-Submitted: auto-replied
063F From: Mail Delivery System <Mailer-Daemon@server.mydomain.com>
029T To: root@server.mydomain.com
059 Subject: Mail delivery failed: returning message to sender
052I Message-Id: <E1J4neJ-0001DS-Ns@server.mydomain.com>
038 Date: Tue, 18 Dec 2007 19:23:03 -0600
1J4neJ-0001DS-Ns-D
This message was created automatically by mail delivery software.
A message that you sent could not be delivered to one or more of its
recipients. This is a permanent error. The following address(es) failed:
admin@domain.com
SMTP error from remote mail server after RCPT TO:<admin@domain.com>:
host sentry.domainbank.com [64.85.73.28]: 553 sorry, that domain isn't in my list of allowed rcpthosts (#5.7.1)
------ This is a copy of the message, including all the headers. ------
Return-path: <root@server.mydomain.com>
Received: from root by server.mydomain.com with local (Exim 4.68)
(envelope-from <root@server.mydomain.com>)
id 1J4neI-0001D9-4I
for admin@domain.com; Tue, 18 Dec 2007 19:23:02 -0600
To: admin@domain.com
Subject: Services(2) failed
From: monitor@domain.com
Message-Id: <E1J4neI-0001D9-4I@server.mydomain.com>
Date: Tue, 18 Dec 2007 19:23:02 -0600
Address:mydomain.com
Following services are down:
SSH(22)
MySQL(3306)
Do not reply to this!
For further details please contact your provider!
Then I get this also
Quote:
1J4nhC-0001Kn-2T-H
root 0 0
<root@server.mydomain.com>
1198027562 0
-ident root
-received_protocol local
-body_linecount 13
-max_received_linelength 77
-auth_id root
-auth_sender root@server.mydomain.com
-allow_unqualified_recipient
-allow_unqualified_sender
-local
XX
1
root@server.mydomain.com
194P Received: from root by server.mydomain.com with local (Exim 4.68)
(envelope-from <root@server.mydomain.com>)
id 1J4nhC-0001Kn-2T
for root@server.mydomain.com; Tue, 18 Dec 2007 19:26:02 -0600
025* From: root (Cron Daemon)
045F From: root@server.mydomain.com (Cron Daemon)
009* To: root
029T To: root@server.mydomain.com
077 Subject: Cron <root@server> lynx --dump [url]
028 X-Cron-Env: <SHELL=/bin/sh>
025 X-Cron-Env: <HOME=/root>
033 X-Cron-Env: <PATH=/usr/bin:/bin>
027 X-Cron-Env: <LOGNAME=root>
024 X-Cron-Env: <USER=root>
052I Message-Id: <E1J4nhC-0001Kn-2T@server.mydomain.com>
038 Date: Tue, 18 Dec 2007 19:26:02 -0600
1J4nhC-0001Kn-2T-D
Not Found
The requested URL /agent/cron.php was not found on this server.
Additionally, a 404 Not Found error was encountered while trying to use an
ErrorDocument to handle the request.
_________________________________________________________________
Apache/2.2.6 (Unix) mod_ssl/2.2.6 OpenSSL/0.9.7a mod_auth_passthrough/2.1
mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_jk/1.2.25 PHP/5.2.5 Server at
mydomain.com Port 80
View 4 Replies
View Related
May 21, 2009
Today my server started to go off-line and each time i restarted it went down within couple minutes. So i looked into it and found that i had over 7000 emails in Exim Mail Queue. All of them are spam. I deleted them through WHM and now everything seems good again but....
My question is how can i check what caused this problem? Has one of my domains been compromised with and sending out spam? What can i do?
View 6 Replies
View Related
Jan 17, 2008
1) What would you guys say is average in terms of the # of emails in the Mail Queue?
2) What steps can be taken to tighten it up? If I start with a clean slate, it only takes about a week or less for my mail queue to reach 1000 or more. Most of it seems like junk mail.
View 0 Replies
View Related
Jun 19, 2008
In my Exim mail queue, there are around 33,000 messages, all of which appear to be "Mail delivery failed: returning message to sender" messages.
The reason for these bounces is because spam is being continuously sent to non-existent addresses on my domain.
View 2 Replies
View Related
Apr 19, 2009
how to setup hourly cronjob to kill exim mail queues on the cpanel server?
I know this question may sounds a little tedious as I have tried to find an answer to this but still have no clue yet.
View 4 Replies
View Related
Nov 19, 2007
my Exim mail outgoing queue is getting stuck and i cannot receive emails. Under WHM i have 50 odd emails, some 7 days old.
A small dump from /var/log/exim-mainlog is below:
2007-11-19 04:40:45 H=(H®) [202.57.142.156] sender verify defer for <jqyuehutmqluz@epilot.com>: could not connect to mail02.interchangeusa.com [63.251.210.81]: Connection timed out
2007-11-19 04:40:45 H=(H®) [202.57.142.156] F=<jqyuehutmqluz@epilot.com> temporarily rejected RCPT <morleyc@myemail.net>: Could not complete sender verify callout
2007-11-19 04:40:45 unexpected disconnection while reading SMTP command from (H®) [202.57.142.156]
2007-11-19 04:40:51 no IP address found for host 202.57.142.156.sta.isp-thailand.com (during SMTP connection from [202.57.142.156])
2007-11-19 04:40:57 no IP address found for host 202.57.142.156.sta.isp-thailand.com (during SMTP connection from [202.57.142.156])
2007-11-19 04:41:01 no IP address found for host 202.57.142.156.sta.isp-thailand.com (during SMTP connection from [202.57.142.156])
2007-11-19 04:41:04 no IP address found for host 202.57.142.156.sta.isp-thailand.com (during SMTP connection from [202.57.142.156])
2007-11-19 04:41:43 no host name found for IP address 77.94.106.13
2007-11-19 04:41:49 1ItxNu-0007E6-4s mail.global.frontbridge.com [207.46.51.86] Connection timed out
2007-11-19 04:41:49 1ItxNu-0007E6-4s == hmt@someaddress.com <HMT@someaddress.com> R=lookuphost T=remote_smtp defer (110): Connection timed out
2007-11-19 04:41:49 1ItxNu-0007E6-4s == jog@someaddress.com <JOG@someaddress.com> R=lookuphost T=remote_smtp defer (110): Connection timed out
2007-11-19 04:41:49 1ItxNu-0007E6-4s == mrl@someaddress.com <MRL@someaddress.com> R=lookuphost T=remote_smtp defer (110): Connection timed out
2007-11-19 04:42:29 H=(client-200.121.46.74.speedy.net.pe) [200.121.46.74] sender verify defer for <tecat@yahoo.de>: Could not complete sender verify callout
2007-11-19 04:42:29 H=(client-200.121.46.74.speedy.net.pe) [200.121.46.74] F=<tecat@yahoo.de> temporarily rejected RCPT <morleyc@myemail.net>: Could not complete sender verify callout
2007-11-19 04:42:29 unexpected disconnection while reading SMTP command from (client-200.121.46.74.speedy.net.pe) [200.121.46.74]
Everything was fine until about 7 days ago, i dont know why the config didnt change but since then its been dropping received emails and queueing on sends.
View 10 Replies
View Related
Aug 12, 2008
I get an alert that The exim delivery queue size currently has 3000 emails in it waiting to be processed.
View 5 Replies
View Related
Mar 12, 2008
This feels like an unusually newbie question for me, but... I think my exim queue isn't running. I was born and raised on qmail :-)
I discovered on a relatively new server that the message queue was backed up nearly a month with messages. Fortunately it wasn't a crazy amount, some were double-bounces, and with the help of exiqgrep I got it caught up manually in about a day on and off.
But today it's obvious messages that fail the first time (ex: greylisted) NEVER get retried. Is this a missing cron job? Or command-line param for exim? I would think a relatively stock cPanel install wouldn't suffer from this but... where do I start checking?
Code:
/usr/sbin/exim -bd -oX 587
2008-03-09 04:02:15 exim 4.68 daemon started: pid=13511, no queue runs, listening for SMTP on port 25 (IPv4) port 587 (IPv4) [127.0.0.1]:10025
I mean, that seems fairly obvious right there, but I want to make sure I fix it the right way... in case this is merely a checkbox in cPanel or something...
View 2 Replies
View Related
Aug 1, 2009
[1] Removing Bad Mail
for i in `exiqgrep -i -f nobody`; do exim -Mrm $i; done >> Removes Nobody Mail
for i in `exiqgrep -i -o 259200`; do exim -Mrm $i; done >> Removes Mail Older than 3 Days
for i in `exiqgrep -i -f "^<>$"`; do exim -Mrm $i; done >> Removes Mail with Weird Characters (Spam)
[2] Delete Mail by a Domain
for i in `exiqgrep -i -f domain.com`; do exim -Mrm $i; done
[3] Delete Mail for a Domain
for i in `exiqgrep -i -r domain.com`; do exim -Mrm $i; done
[4] Remove Whole Mail Queue
for i in `exiqgrep -i -f `; do exim -Mrm $i; done
[5] Run Mail Queue
runq -qqff&
View 3 Replies
View Related
Jul 17, 2008
I have been seeing so many exim mail queue on server. I would like to clear for every one hour throuh crontab entry. So that I have used following script to run.
file path : /root/eximQueue.sh
Script:
#!bin/bash
exim -bpu |awk '{print $3}'|xargs exim -Mrm
crontab entry:
0 * * * * /bin/bash /root/eximQueue.sh
but the crontab is running every 1 hour but no mails cleared. Please guide to work this.
View 4 Replies
View Related
Aug 8, 2008
can it be done? because a dumb customer sent an email with like 500 recipients... and its stucked on the queue. So i wanna delete it... but when i go to Mail queue manager (i use WHM) i got this:
Message 1KRTsr-0006tc-F6 is locked
So what can i do? should i just sit and wait until its "unlocked"?
can i kill any process? i already tried restarting exim... but its still there... and btw the size of that message is of about 500 mb >.<
View 3 Replies
View Related
Jan 26, 2008
can I delete certain emails from mail queue manager in SSH?
for example we have many emails for trying to send to email@email.com and I would like delete this emails.
View 11 Replies
View Related
Jun 12, 2008
We have running exim mail service in cpanel web server. Exim consumed some CPU% memory and lots of threads are opening. More than 2000 mails in queue everyday. How can we optimize the exim mail service?
top - 06:33:12 up 23:12, 1 user, load average: 0.03, 0.08, 0.08
PID USER PR NI %CPU TIME+ %MEM VIRT RES SHR S COMMAND
4777 mailnull 15 0 1 0:00.02 0.2 9324 3936 2680 S exim
1809 mailnull 16 0 0 0:00.09 0.1 8192 1156 808 S exim
1815 mailnull 24 0 0 0:00.00 0.1 8428 1100 764 S exim
4779 mailnull 16 0 0 0:00.00 0.0 8200 684 336 S exim
View 4 Replies
View Related
Oct 7, 2009
I wonder if is it possible to clean Queue for specific client on my box. For example: "if queue for specific email is too long clear it".
Got sendmail, spamassasin, spamdyke, plesk
onboard.
View 10 Replies
View Related
Feb 9, 2007
Getting alot of these on one domain, two email accounts (quota nearly 0 used out of 50MB)
2007-02-08 19:26:17 1HFKWm-0008Rw-0a => emily@sendingdomain.com <Emily@sendingdomain.com> F=<matthew@receivingdomain.com> P=<matthew@receivingdomain.com> R=lookuphost T=remote_smtp S=17049 H=smtp.sendingdomain.com [198.203.146.90]:25 X=TLSv1:AES256-SHA:256 CV=no DN="/emailAddress=postmaster@sendingdomain.com/C=US/ST=TEXAS/L=HOUSTON/O=CORPORATE SERVICES/OU=CORPORATE SERVICES/CN=USHOUXCF01.sendingdomain.COM" C="250 +OK message queued for delivery." QT=1s DT=1s
View 3 Replies
View Related
May 19, 2007
I notice that in my WHM Mail Queue Manager I get a few emails pointing to something that looks like this:
Quote:
Everyone looks like this,
1FnPkc-0000rR-VQ 516 22h Delete Deliver Now
root@host.mydomain.com
and also some emails going to root about backup etc.
I don't have any email addresses set in the "Change System Mail Preferences" options, I left it blank. Should I set a valid email address or is there any way to stop these emails being sent in the first place?
View 3 Replies
View Related
May 7, 2008
Recently, I keep getting an email from my dedicated server company (godaddy, plesk 8.2 windows) that I've reached my daily limit of 1000 emails when I only send like 20-40 a day max.
So I want to take a look at whats going on, what emails have been sent/received and are still in queue?
Can can I access my mail queue using Plesk? And then how can I delete them?
View 14 Replies
View Related
Jun 26, 2009
where to check mail-queue in cPanel ??
my friend has an vps and he has some trouble sending mail to 1 particular host such as hotmail, all the remaining hosts the mails are sent, but only to tht particular mail host the mails are not sent regularly, some times they recv it some times they don't
checked webmail, couldn't see any failed/bounced mail mail msg, so not sure why this is happening, so I want to check the mail-queue for him to check the status of tht particular host, if I could try to sort them out directly with the mail server for him.
View 9 Replies
View Related
Nov 4, 2009
I had this spam problem on my server. Some perl scripts uploaded to /tmp folder were generating lots of spam email. We stopped sendmail, cleaned the server from all the bugs and erased all the messages in /var/spool/mqueue. Yet when I start sendmail again I begin receiving lots of autoresponders and returned emails. Where are those incoming mails located? In which queue?
View 3 Replies
View Related
