This feels like an unusually newbie question for me, but... I think my exim queue isn't running. I was born and raised on qmail :-)
I discovered on a relatively new server that the message queue was backed up nearly a month with messages. Fortunately it wasn't a crazy amount, some were double-bounces, and with the help of exiqgrep I got it caught up manually in about a day on and off.
But today it's obvious messages that fail the first time (ex: greylisted) NEVER get retried. Is this a missing cron job? Or command-line param for exim? I would think a relatively stock cPanel install wouldn't suffer from this but... where do I start checking?
Code:
/usr/sbin/exim -bd -oX 587
2008-03-09 04:02:15 exim 4.68 daemon started: pid=13511, no queue runs, listening for SMTP on port 25 (IPv4) port 587 (IPv4) [127.0.0.1]:10025
I mean, that seems fairly obvious right there, but I want to make sure I fix it the right way... in case this is merely a checkbox in cPanel or something...
154P Received: from mailnull by server.mydomain.com with local (Exim 4.68) id 1J4neJ-0001DS-Ns for root@server.mydomain.com; Tue, 18 Dec 2007 19:23:03 -0600 038 X-Failed-Recipients: admin@domain.com 029 Auto-Submitted: auto-replied 063F From: Mail Delivery System <Mailer-Daemon@server.mydomain.com> 029T To: root@server.mydomain.com 059 Subject: Mail delivery failed: returning message to sender 052I Message-Id: <E1J4neJ-0001DS-Ns@server.mydomain.com> 038 Date: Tue, 18 Dec 2007 19:23:03 -0600
1J4neJ-0001DS-Ns-D This message was created automatically by mail delivery software.
A message that you sent could not be delivered to one or more of its recipients. This is a permanent error. The following address(es) failed:
admin@domain.com SMTP error from remote mail server after RCPT TO:<admin@domain.com>: host sentry.domainbank.com [64.85.73.28]: 553 sorry, that domain isn't in my list of allowed rcpthosts (#5.7.1)
------ This is a copy of the message, including all the headers. ------
Return-path: <root@server.mydomain.com> Received: from root by server.mydomain.com with local (Exim 4.68) (envelope-from <root@server.mydomain.com>) id 1J4neI-0001D9-4I for admin@domain.com; Tue, 18 Dec 2007 19:23:02 -0600 To: admin@domain.com Subject: Services(2) failed From: monitor@domain.com Message-Id: <E1J4neI-0001D9-4I@server.mydomain.com> Date: Tue, 18 Dec 2007 19:23:02 -0600
Address:mydomain.com
Following services are down:
SSH(22) MySQL(3306)
Do not reply to this! For further details please contact your provider!
194P Received: from root by server.mydomain.com with local (Exim 4.68) (envelope-from <root@server.mydomain.com>) id 1J4nhC-0001Kn-2T for root@server.mydomain.com; Tue, 18 Dec 2007 19:26:02 -0600 025* From: root (Cron Daemon) 045F From: root@server.mydomain.com (Cron Daemon) 009* To: root 029T To: root@server.mydomain.com 077 Subject: Cron <root@server> lynx --dump [url] 028 X-Cron-Env: <SHELL=/bin/sh> 025 X-Cron-Env: <HOME=/root> 033 X-Cron-Env: <PATH=/usr/bin:/bin> 027 X-Cron-Env: <LOGNAME=root> 024 X-Cron-Env: <USER=root> 052I Message-Id: <E1J4nhC-0001Kn-2T@server.mydomain.com> 038 Date: Tue, 18 Dec 2007 19:26:02 -0600
1J4nhC-0001Kn-2T-D Not Found
The requested URL /agent/cron.php was not found on this server.
Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request. _________________________________________________________________
Apache/2.2.6 (Unix) mod_ssl/2.2.6 OpenSSL/0.9.7a mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_jk/1.2.25 PHP/5.2.5 Server at mydomain.com Port 80
Anyway after complaints of "mail not being sent" I looked at a few things, found over 25,000 messages stuck in the queue. The messages no being sent thing is yahoo blocking me because of too many mails sent to their servers without a valid recipient.
When I empty the queue it gathers about 200 mails an hour. Looks like it is coming from all over the world and they are using a valid ip from one of the domains hosted for sending.
Bear with me I was reselling for years and this is my first real dedicated server.
Today my server started to go off-line and each time i restarted it went down within couple minutes. So i looked into it and found that i had over 7000 emails in Exim Mail Queue. All of them are spam. I deleted them through WHM and now everything seems good again but....
My question is how can i check what caused this problem? Has one of my domains been compromised with and sending out spam? What can i do?
I have been seeing so many exim mail queue on server. I would like to clear for every one hour throuh crontab entry. So that I have used following script to run.
1) What would you guys say is average in terms of the # of emails in the Mail Queue?
2) What steps can be taken to tighten it up? If I start with a clean slate, it only takes about a week or less for my mail queue to reach 1000 or more. Most of it seems like junk mail.
can it be done? because a dumb customer sent an email with like 500 recipients... and its stucked on the queue. So i wanna delete it... but when i go to Mail queue manager (i use WHM) i got this:
Message 1KRTsr-0006tc-F6 is locked
So what can i do? should i just sit and wait until its "unlocked"?
can i kill any process? i already tried restarting exim... but its still there... and btw the size of that message is of about 500 mb >.<
We have running exim mail service in cpanel web server. Exim consumed some CPU% memory and lots of threads are opening. More than 2000 mails in queue everyday. How can we optimize the exim mail service?
top - 06:33:12 up 23:12, 1 user, load average: 0.03, 0.08, 0.08
PID USER PR NI %CPU TIME+ %MEM VIRT RES SHR S COMMAND 4777 mailnull 15 0 1 0:00.02 0.2 9324 3936 2680 S exim 1809 mailnull 16 0 0 0:00.09 0.1 8192 1156 808 S exim 1815 mailnull 24 0 0 0:00.00 0.1 8428 1100 764 S exim 4779 mailnull 16 0 0 0:00.00 0.0 8200 684 336 S exim
my Exim mail outgoing queue is getting stuck and i cannot receive emails. Under WHM i have 50 odd emails, some 7 days old.
A small dump from /var/log/exim-mainlog is below:
2007-11-19 04:40:45 H=(H®) [202.57.142.156] sender verify defer for <jqyuehutmqluz@epilot.com>: could not connect to mail02.interchangeusa.com [63.251.210.81]: Connection timed out 2007-11-19 04:40:45 H=(H®) [202.57.142.156] F=<jqyuehutmqluz@epilot.com> temporarily rejected RCPT <morleyc@myemail.net>: Could not complete sender verify callout 2007-11-19 04:40:45 unexpected disconnection while reading SMTP command from (H®) [202.57.142.156] 2007-11-19 04:40:51 no IP address found for host 202.57.142.156.sta.isp-thailand.com (during SMTP connection from [202.57.142.156]) 2007-11-19 04:40:57 no IP address found for host 202.57.142.156.sta.isp-thailand.com (during SMTP connection from [202.57.142.156]) 2007-11-19 04:41:01 no IP address found for host 202.57.142.156.sta.isp-thailand.com (during SMTP connection from [202.57.142.156]) 2007-11-19 04:41:04 no IP address found for host 202.57.142.156.sta.isp-thailand.com (during SMTP connection from [202.57.142.156]) 2007-11-19 04:41:43 no host name found for IP address 77.94.106.13 2007-11-19 04:41:49 1ItxNu-0007E6-4s mail.global.frontbridge.com [207.46.51.86] Connection timed out 2007-11-19 04:41:49 1ItxNu-0007E6-4s == hmt@someaddress.com <HMT@someaddress.com> R=lookuphost T=remote_smtp defer (110): Connection timed out 2007-11-19 04:41:49 1ItxNu-0007E6-4s == jog@someaddress.com <JOG@someaddress.com> R=lookuphost T=remote_smtp defer (110): Connection timed out 2007-11-19 04:41:49 1ItxNu-0007E6-4s == mrl@someaddress.com <MRL@someaddress.com> R=lookuphost T=remote_smtp defer (110): Connection timed out 2007-11-19 04:42:29 H=(client-200.121.46.74.speedy.net.pe) [200.121.46.74] sender verify defer for <tecat@yahoo.de>: Could not complete sender verify callout 2007-11-19 04:42:29 H=(client-200.121.46.74.speedy.net.pe) [200.121.46.74] F=<tecat@yahoo.de> temporarily rejected RCPT <morleyc@myemail.net>: Could not complete sender verify callout 2007-11-19 04:42:29 unexpected disconnection while reading SMTP command from (client-200.121.46.74.speedy.net.pe) [200.121.46.74]
Everything was fine until about 7 days ago, i dont know why the config didnt change but since then its been dropping received emails and queueing on sends.
I am having issues in receieving emails. For some reason, the rbl lists I had setup are causing the server to reject emails (retry - timeout). So, I need to take this rbl list completely. How can I do that? exim.conf is locked and using the advanced editor is no fun even though I tried it putting the dnslists without the rbl causing the problem.
Might be a weird question, but I have a test server setup with a single domain name and I am trying to figure out an easy way to get a bunch of emails to stay in the queue, anyone have an idea?
I can receive e-mails from another server, as well as another domain on this server. I can send e-mails to another domain on this server, but anything out to another server, gets stuck in the queue. I am using Plesk 7.0.2
Plesk Queue info shows: Messages in queue: 0 not preprocessed, 0 local, 630 remote, 630 total.
In the maillog, I see " deferral: Sorry,_I_wasn't_able_to_establish_an_SMTP_connecti on._(#4.4.1)/" after an outbound e-mail.
I notice that in my WHM Mail Queue Manager I get a few emails pointing to something that looks like this:
Quote:
Everyone looks like this, 1FnPkc-0000rR-VQ 516 22h Delete Deliver Now root@host.mydomain.com
and also some emails going to root about backup etc.
I don't have any email addresses set in the "Change System Mail Preferences" options, I left it blank. Should I set a valid email address or is there any way to stop these emails being sent in the first place?
Recently, I keep getting an email from my dedicated server company (godaddy, plesk 8.2 windows) that I've reached my daily limit of 1000 emails when I only send like 20-40 a day max.
So I want to take a look at whats going on, what emails have been sent/received and are still in queue?
Can can I access my mail queue using Plesk? And then how can I delete them?
Not by choice but I got a machine running qmail with vpopmail on it. The queue on this thing is ridiculously long and doesn't seem to be getting any smaller due to the large amounts of spam sent to several domains under it.
Most of the spam is coming in the form of a@domain.com aa@domain.com ect. So I figured rather than bounce the mail back to these non existent addresses rather go the route of /dev/null. Now for qmail you'd just do # but seems for vpopmail that does not work.
So my .qmail-default have the following currently:
/usr/local/vpopmail/bin/vdelivermail '' /dev/null
Unfortunately it still sends mail back to the user who sent the mail but it sends it was delivered to /dev/null.
So any suggestions on to get that working and ways to manage this queue a heck of a lot better?
here is my problem.. i am running qmail on a plesk control panel. my load average around 15.. when i quit qmail it drops below 1.. when i clear out the queue it drops below 1, then it slowly starts rising back to 15.. i ignored my queue for a little while and it stacked up to 26k in the local queue and 1k in the local queue. overnight it builds up to 2k in the local queue and 12 in the remote.. i thought a php script was exploited so i tracked down every script using the mail function that i thought might be doing it and disabled them. i noticed some difference but the queue is still building up rapidly.. i also altered the /usr/sbin/sendmail so it will log all mail sent and that doesn't pose a problem as only 10 emails have been sent via /usr/sbin/sendmail in the last 24 hours. i also tested my server for open relays via abuse.net and it passed the open relay tests. what else could be happening? all the email in the queue is spam.. where is it coming from? some is being sent to users on the server and some is not.. i am at a total loss right now, and really need to get this problem solved. thanks for any help.....
my friend has an vps and he has some trouble sending mail to 1 particular host such as hotmail, all the remaining hosts the mails are sent, but only to tht particular mail host the mails are not sent regularly, some times they recv it some times they don't
checked webmail, couldn't see any failed/bounced mail mail msg, so not sure why this is happening, so I want to check the mail-queue for him to check the status of tht particular host, if I could try to sort them out directly with the mail server for him.
I had this spam problem on my server. Some perl scripts uploaded to /tmp folder were generating lots of spam email. We stopped sendmail, cleaned the server from all the bugs and erased all the messages in /var/spool/mqueue. Yet when I start sendmail again I begin receiving lots of autoresponders and returned emails. Where are those incoming mails located? In which queue?
So I need to execute a list of commands via a cron job rather than having the script 'wait' for the shell to finish processing (as this was leading to time outs and all sorts of issues).
I'm guessing the way to do this is to have my php set up a cron job to occur at some point in the near future (like current time + 1 min), then to prevent the job from repeating the next hour, it removes itself from the cron list as the final command.
Does this sound like a reasonable way to go about executing a queue of shell commands from the browser that take an indefinite (possibly long) amount of time?
