Exim Mail removal using script

If an Exim based mail server suffers from a spammer attack through an exploited web site or a script, it is required to delete all the offending mails of the spammer.

You can use the below mentioned script which does exactly the required. The mentioned script will scan through your server’s mail queue and deletes all the mail that match the sender or the recipient address that you specify.

In order to use the script, please login to your server via the SSH and execute the below mentioned command:

vi /bin/queuesweep

Press the key i and notice the message “—- INSERT -—” at the bottom of your window or terminal. Now you can copy and paste the below mentioned lines:

#!/bin/sh

if [ $1 ]; then
echo “`exim -bpru | tr ‘\n’ + | sed -e “s/++/=/g” | tr -d + | tr = ‘\n’ | grep “$1″ | awk {‘print $3’} | xargs exim -Mrm | wc -l` E- Mails deleted”
else
echo “To delete ALL the `exim -bpc` E-Mails on mail queue, give this command:”
echo “exim -bpru | awk {‘print $3’} | xargs exim -Mrm”
echo “”
echo “If you want to delete only mails that belongs to a specific sender/recipient, use:”
echo “$0 [sender/recipient]”
fi

Press the key ‘ESC’ and then :wq . Now that you have returned to your shell, execute the command:

chmod 700 /bin/queuesweep

The script is ready for execution. You can execute it and pass the email address(sender/receipient), as an argument

Ex :

queuesweep spammer@spammer.com

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.