Here we provide a particularly useful command-line command that shows you which scripts are responsible for outbound mail. For example, when WordPress themes get exploited, you will see a large number of messages coming out of a long directory inside of the user’s WordPress directory. Very large numbers of messages coming from home directories is ..
Category : Exim
# service exim restart Shutting down clamd: [FAILED] Shutting down exim: [FAILED] Shutting down spamd: [FAILED] # service exim status exim dead but subsys locked There may be 2 issues to check. -The presence of /etc/eximdisable, just move this file to eximdisable-bak and restart exim # mv /etc/eximdisable /etc/eximdisable-bak # service exim restart Shutting down ..
If you want everyone on the server to send out on the same IP, just add the following to # nano /etc/mailips: *: xxx.xxx.xxx.xxx Then add the IP and it’s matching PTR to /etc/mail_reverse_dns: # nano /etc/mail_reverse_dns # xxx.xxx.xxx.xxx hostname.tld This will tell Exim to use that IP for any sender on the server. Restart ..
If the exim mail queue is filled with spam, you can remove the email as follows: Clearing mail queue by running the following command: # exim -bp | exiqgrep -i | xargs exim -Mrm http://www.cyberciti.biz/faq/exim-remove-all-messages-from-the-m..
Stopping Exim in WHM restarts. What’s up? You should use # service exim stop to stop the mail server, and # chkconfig exim off to keep it from startin..
Error: LOG: MAIN cwd=/usr/local/cpanel/whostmgr/docroot 4 args: /usr/sbin/exim -v -M 1WkPBs-0003X3-Nmdelivering 1WkPBs-0003X3-NmLOG: MAIN PANIC failed to expand condition “${if and{{bool_lax{NULL}}{bool_lax{${perl{should_archive_outgoing_message}}}}}}” for archive_outgoing_email router: Undefined subroutine &main::should_archive_outgoing_message called. inside “and{…}” conditionLOG: MAIN PANIC failed to expand condition “${if and{{bool_lax{NULL}}{bool_lax{${if eq {$authenticated_id}{}{0}{${if eq {$sender_address}{$local_part@$domain}{0}{${if match{$received_protocol}{N^e?smtps?a$N}{${perl{checkbx_autowhitelist}{$authenticated_id}}}{${if eq{$received_protocol}{local}{${perl{checkbx_autowhitelist}{$sender_ident}}}{0}}}}}}}}}}}}” for boxtrapper_autowhitelist router: Undefined subroutine &main::checkbx_autowhitelist called. inside “and{…}” conditionLOG: MAIN PANIC ..
How to locate the top scripts on your server that send out email. You can then search the Exim mail log for those scripts to determine if it looks like spam, and even check your Apache access logs in order to find how a spammer might be using your scripts to send out spam. Login ..
Here are some useful things to know for managing an Exim 4 server. This assumes a prior working knowledge of SMTP, MTAs, and a UNIX shell prompt. Message-IDs and spool files The message-IDs that Exim uses to refer to messages in its queue are mixed-case alpha-numeric, and take the form of: XXXXXX-YYYYYY-ZZ. Most commands related ..
