Results 1 to 3 of 3

Thread: Enable Extended Logging :: In Exim

  1. 01-14-2005, 07:31 PM #1
    host.co.in's Avatar
    host.co.in
    host.co.in is offline System Administrator
    Send a message via ICQ to host.co.in Send a message via AIM to host.co.in Send a message via MSN to host.co.in Send a message via Yahoo to host.co.in
    Join Date
    Jan 2005
    Location
    Nashik,India
    Posts
    24

    Default Enable Extended Logging :: In Exim

    Hello,

    Ironically, my first post

    To enable extended loggin in exim to trace nobody mails. Try the following trick .

    1. Edit /etc/exim.conf

    2. On the second line add :

    log_selector = +address_rewrite +all_parents +arguments +connection_reject +delay_delivery +delivery_size +dnslist_defer +incoming_interface +incoming_port +lost_incoming_connection +queue_run +received_sender +received_recipients +retry_defer +sender_on_delivery +size_reject +skip_delivery +smtp_confirmation +smtp_connection +smtp_protocol_error +smtp_syntax_error +subject +tls_cipher +tls_peerdn \

    Make sure all that comes on a single line.

    3. Save and exit.

    4. Restart Exim.

    A little bit luck and you should be able to catch the spammer.

    Regards,

    Piyush.
    Reply With Quote Reply With Quote
  2. 08-26-2006, 01:18 AM #2
    Jayesh_M
    Jayesh_M is offline Junior Member
    Join Date
    Nov 2005
    Posts
    23

    Default

    Hello,

    Use following two script to catch the spammer.

    1. exim -bpr | grep "<*@*>" | awk '{print $4}'|grep -v "<>" | sort | uniq -c | sort -n

    That will show you the maximum no of email currently in the mail queue have from or to the email address in the mail queue with exact figure.

    2. exim -bpr | grep "<*@*>" | awk '{print $4}'|grep -v "<>" |awk -F "@" '{ print $2}' | sort | uniq -c | sort -n

    That will show you the maximum no of email currently in the mail queue have for the domain or from the domain with number.

    Also you can try following command that will show you the script which is using script to send the email.

    If it is from php then use
    /var/spool/exim/input
    egrep "X-PHP-Script" * -R
    Just cat the ID that you get and you will be able to check which script is here causing problem for you.

    That may help you a lot to catch the spammer.

    Regards,
    Jayesh.M.
    Reply With Quote Reply With Quote
  3. 04-29-2007, 09:12 PM #3
    Tukaram
    Tukaram is offline Member
    Join Date
    May 2005
    Posts
    44

    Thumbs up

    Hello,

    Also check with following commands:

    # exim -bpc

    This will give you the number of emails available in the queue

    #exim -bpr

    This will give you the list if email IDs which are currently in queue

    If you find the frozen email with mail queue then you have to remove the frozen email with grep frozen.

    #exim -bpr | grep frozen | awk {'print $3"} | xargs exim -Mrm ;


    Best Regards,
    Tuks
    Reply With Quote Reply With Quote

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules