Created
March 30, 2017 04:04
postfix commands
Ref Links:
=============
https://jvulinux.wordpress.com/2014/12/26/commands-to-check-spamming-in-postfix-mail-server/
https://www.cyberciti.biz/tips/howto-postfix-flush-mail-queue.html
=============
Commands to check spamming in POSTFIX mail server
1. To see the mail queue:
# mailq
2. To flush the mail queue:
# postfix flush OR
# postqueue -f
3. To remove all mails from the queue:
# postsuper -d ALL
4. To remove all mails in the deferred queue:
# postsuper -d ALL deferred
5. To delete all queued messages from or to the domain called spamdomain.com:
# ./postfix-delete.pl spamdomain.com
./postfix-delete.pl script
========================
#!/usr/bin/perl
# Delete every queued message whose postqueue -p entry matches the given regexp.
$REGEXP = shift || die "no email-address given (regexp-style, e.g. bl.*\@yahoo.com)!";
@data = qx</usr/sbin/postqueue -p>;
for (@data) {
    # An entry starts with the queue ID, optionally flagged * (active) or ! (hold).
    if (/^(\w+)(\*|\!)?\s/) {
        $queue_id = $1;
    }
    if ($queue_id) {
        # The sender is on the entry line, the recipients on the lines after it.
        if (/$REGEXP/i) {
            $Q{$queue_id} = 1;
            $queue_id = "";
        }
    }
}
# Dry run: use the "|cat" line instead to print the queue IDs without deleting.
#open(POSTSUPER,"|cat") || die "couldn't open postsuper" ;
open(POSTSUPER,"|postsuper -d -") || die "couldn't open postsuper" ;
foreach (keys %Q) {
    print POSTSUPER "$_\n";
};
close(POSTSUPER);
========================
6. To delete all queued messages that contain the word “abc” in the e-mail address:
# ./postfix-delete.pl abc
7. To know the number of messages sitting in the deferred queue:
# find /var/spool/postfix/deferred -type f | wc -l
8. To get a sorted list of the accounts that have the most mail in the queue. This usually means a maximum of 2 or 3 spammers at the end of the list:
# mailq|grep '^[A-F0-9]'|cut -c 42-80|sort |uniq -c|sort -n|tail
9. Get the mail IDs of all email currently in queue:
postqueue -p|egrep "[A-F0-9]{11}"|awk '{print $1}'
10. To view message content in queue with id xxxxxxxxxxx:
postcat -vq xxxxxxxxxxx
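Steps 8 and 9 rely on fixed character columns and a fixed-length hex ID, which break with long addresses or long queue IDs. The script below is an added example, not part of the original notes: it parses `postqueue -p` output by field instead. The function names and the sample listing are constructed for illustration, and unlike postfix-delete.pl it matches the envelope sender only.

```shell
#!/bin/sh
# Added example: summarise `postqueue -p` by field, not by character column.

# Constructed sample listing (documentation domains, not a real server).
sample_queue() {
cat <<'EOF'
-Queue ID-  --Size-- ----Arrival Time---- -Sender/Recipient-------
3F2A1B0C9D*    1834 Thu Mar 30 04:01:12  promo@spamdomain.com
                                         alice@example.net

7C4D2E1F0A     2210 Thu Mar 30 04:01:15  promo@spamdomain.com
(connect to mx.example.org[192.0.2.25]:25: Connection timed out)
                                         bob@example.org

9B8A7F6E5D!    1540 Thu Mar 30 04:02:40  webmaster@example.com
                                         carol@example.net

4bG5Tk1n3zQw   3000 Thu Mar 30 04:03:02  MAILER-DAEMON
(host mx.example.net[192.0.2.40] said: 450 4.2.0 try later)
                                         promo@spamdomain.com

-- 8 Kbytes in 4 Requests.
EOF
}

# Entry lines start with the queue ID (optionally flagged * active or ! hold)
# and have a numeric size in field 2; the envelope sender is field 7.
# Prints "queue_id sender" with the flag stripped.
entries() {
  awk '/^[0-9A-Za-z]+[*!]?[ \t]/ && NF >= 7 && $2 ~ /^[0-9]+$/ {
         id = $1; sub(/[*!]$/, "", id); print id, $7 }'
}

# "count sender", busiest sender first (step 8).
queue_by_sender() {
  entries | awk '{ n[$2]++ } END { for (s in n) print n[s], s }' |
    LC_ALL=C sort -k1,1nr -k2,2
}

# Queue IDs whose sender matches the extended regex in $1 (step 9, filtered).
queue_ids_for() {
  entries | awk -v re="$1" '$2 ~ re { print $1 }'
}

sample_queue | queue_by_sender
```

On a live server, feed it real data with `postqueue -p | queue_by_sender`, and read a few of the IDs from `queue_ids_for` with `postcat -q` before handing them to `postsuper -d -`.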
Useful commands
Log Location: /usr/local/psa/var/log/maillog
View the log in realtime
tail -f /usr/local/psa/var/log/maillog
Check Postfix Queue
postqueue -p
Perform actions on the Queue
#Remove all unsent mailer daemon notifications
mailq|awk ' /^[0-9A-F][0-9A-F]*[^*].*MAILER-DAEMON$/ {print $1}'|sudo xargs -rn1 postsuper -d
#delete based on the from address:
mailq|awk ' /^[0-9A-F][0-9A-F]*.*mail.ru$/ {print $1}'|tr -d '*'| xargs -rn1 postsuper -d
#Read a message in the Postfix Queue
postcat -q MESSAGE_ID
#Resend messages in the queue
postqueue -f
# Delete all messages in Queue
postsuper -d ALL
#Test Email sending from postfix
echo "Test mail from postfix" | mail -s "Test Postfix" [email protected]
#Check for serious errors in the log
egrep '(reject|warning|error|fatal|panic):' /usr/local/psa/var/log/maillog | more
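The egrep above pages through raw lines. As an added example (not from the original notes), the script below counts the same keywords per severity and lists the client addresses behind rejects and failed SASL logins. The function names and log lines are constructed, and the line layout assumes the usual syslog format for Postfix.

```shell
#!/bin/sh
# Added example: triage summary for the keywords used in the egrep above.

# Constructed sample maillog lines (documentation addresses, not real traffic).
sample_log() {
cat <<'EOF'
Mar 30 04:01:02 mx postfix/smtpd[2101]: warning: unknown[192.0.2.7]: SASL LOGIN authentication failed: authentication failure
Mar 30 04:01:05 mx postfix/smtpd[2101]: warning: unknown[192.0.2.7]: SASL LOGIN authentication failed: authentication failure
Mar 30 04:01:09 mx postfix/smtpd[2104]: NOQUEUE: reject: RCPT from unknown[198.51.100.23]: 554 5.7.1 <a@example.org>: Relay access denied; from=<x@example.com> to=<a@example.org> proto=ESMTP helo=<198.51.100.23>
Mar 30 04:02:00 mx postfix/smtp[2110]: 3F2A1B0C9D: to=<bob@example.org>, relay=none, delay=30, status=deferred (connect to mx.example.org[192.0.2.25]:25: Connection timed out)
Mar 30 04:02:11 mx postfix/qmgr[900]: warning: mail for example.org is using up 4001 of 20000 active queue entries
Mar 30 04:02:30 mx postfix/smtpd[2120]: fatal: no SASL authentication mechanisms
EOF
}

# "count severity" for reject/warning/error/fatal/panic, most frequent first.
severity_counts() {
  awk 'match($0, /(reject|warning|error|fatal|panic):/) {
         n[substr($0, RSTART, RLENGTH - 1)]++ }
       END { for (s in n) print n[s], s }' | LC_ALL=C sort -k1,1nr -k2,2
}

# "count client_ip" for rejected or failed-auth connections.
# The pattern needs a "." or ":" inside the brackets so the daemon PID
# in "smtpd[2101]" is not mistaken for an address.
offending_clients() {
  awk '/reject:|authentication failed/ &&
       match($0, /\[[0-9a-fA-F]+[.:][0-9a-fA-F.:]+\]/) {
         n[substr($0, RSTART + 1, RLENGTH - 2)]++ }
       END { for (ip in n) print n[ip], ip }' | LC_ALL=C sort -k1,1nr -k2,2
}

sample_log | severity_counts
sample_log | offending_clients
```

Against the real log, run `severity_counts < /usr/local/psa/var/log/maillog`.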
#Postfix Guides
Create a little script for managing Queue
Create file /root/mailq.pl
Set permissions to allow root execution
Dump this into it:
------------------------------
#!/usr/bin/env perl
use strict;
use warnings;
use Symbol;

# Recursively count queue files under $dir, descending into the
# one-character hashed subdirectories.
sub count {
    my ($dir) = @_;
    my $dh = gensym();
    my $c = 0;
    opendir($dh, $dir) or die "$0: opendir: $dir: $!\n";
    while (my $f = readdir($dh)) {
        if ($f =~ m{^[A-F0-9]{5,}$}) {
            ++$c;
        } elsif ($f =~ m{^[A-F0-9]$}) {
            $c += count("$dir/$f");
        }
    }
    closedir($dh) or die "closedir: $dir: $!\n";
    return $c;
}

# Ask Postfix where its queue lives, then count each queue.
my $qdir = `postconf -h queue_directory`;
chomp($qdir);
chdir($qdir) or die "$0: chdir: $qdir: $!\n";
printf "Incoming: %d\n", count("incoming");
printf "Active: %d\n", count("active");
printf "Deferred: %d\n", count("deferred");
printf "Bounced: %d\n", count("bounce");
printf "Hold: %d\n", count("hold");
printf "Corrupt: %d\n", count("corrupt");
Execute by typing /root/mailq.pl
------------------------------
Secure postfix by customizing the configuration
http://www.freesoftwaremagazine.com/articles/focus_spam_postfix
Secure postfix using fail2ban
http://www.dp.cx/blog/postfix—fail2ban—win.html#.UYFohCs4XOU
Switch Mail Transfer Agents in Plesk from Qmail to Postfix and back
Determine which MTA is currently in use
/usr/local/psa/admin/sbin/mailmng --features | grep SMTP_Server
Stop SMTP Service and let queue send out what’s in it first, as the queue is destroyed when switching
/usr/local/psa/admin/sbin/mailmng --stop-smtpd
To flush the queue (deliver all mail in it), use the following commands:
QMail MTA: kill -ALRM `pidof qmail-send`
Postfix MTA: postqueue -f
Switch MTA
/usr/local/psa/admin/sbin/autoinstaller --select-release-current --install-component postfix
/usr/local/psa/admin/sbin/autoinstaller --select-release-current --install-component qmail
Add Gmail to certificate
http://stevejenkins.com/blog/2011/06/fixing-postfix-certificate-verification-failed-for-gmail-untrusted-issuer-error-message/
Fix Google SSL support
edit /etc/postfix/main.cf
Find/edit this section:
smtpd_tls_security_level = none
smtpd_use_tls = yes
smtp_tls_security_level = may
smtp_use_tls = no
Further steps to secure server
http://www.howtoforge.com/virtual_postfix_antispam
/etc/postfix/main.cf
Remove announcement details
By default Postfix appends a little announcement to outgoing messages saying that this email is powered by Postfix. It’s best to give hackers as little information as possible about your server, so you should remove the banner by finding the line for smtpd_banner in the configuration file and setting it to:
smtpd_banner = $myhostname ESMTP
Set to only accept local emails for delivery
change inet_interfaces = all to inet_interfaces = localhost
Add this stuff to block bad SMTP requests
### Checks to remove badly formed email
smtpd_helo_required = yes
strict_rfc821_envelopes = yes
disable_vrfy_command = yes

unknown_address_reject_code = 554
unknown_hostname_reject_code = 554
unknown_client_reject_code = 554

smtpd_helo_restrictions = permit_mynetworks, reject_invalid_hostname, regexp:/etc/postfix/helo.regexp, permit

smtpd_recipient_restrictions =
    reject_invalid_hostname,
    ### Can cause issues with Auth SMTP, so be wary! ###
    reject_non_fqdn_hostname,
    ##################################
    reject_non_fqdn_sender,
    reject_non_fqdn_recipient,
    reject_unknown_sender_domain,
    reject_unknown_recipient_domain,
    permit_mynetworks,
    reject_unauth_destination,
    reject_rbl_client cbl.abuseat.org,
    reject_rbl_client zen.spamhaus.org,
    reject_rbl_client bl.spamcop.net
/etc/postfix/helo.regexp
Create /etc/postfix/helo.regexp and set contents to:
/^subdomain\.host\.com$/ 550 Don't use my own hostname
/^xxx\.yyy\.zzz\.xxx$/ 550 Don't use my own IP address
/^\[xxx\.yyy\.zzz\.xxx\]$/ 550 Don't use my own IP address
/^[0-9.]+$/ 550 Your software is not RFC 2821 compliant
/^[0-9]+(\.[0-9]+){3}$/ 550 Your software is not RFC 2821 compliant
https://gist.github.com/facelordgists/5761101#useful-commands
http://serverxpert.blogspot.in/2012/04/commands-to-check-spamming-in-postfix.html