The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

How to stop deleting "Delete Mail Queue"

Discussion in 'E-mail Discussions' started by rip_curl, Feb 9, 2006.

  1. rip_curl

    rip_curl Well-Known Member

    Joined:
    Jan 30, 2005
    Messages:
    81
    Likes Received:
    0
    Trophy Points:
    6
    this process is going very long time.
    & how can i stop it with manual?
     
  2. netkinetics

    netkinetics Well-Known Member

    Joined:
    May 14, 2004
    Messages:
    62
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Home is Baltimore, MD - Currently in the Philippin
    If you have over 1k messages in queue and want to nuke them its best to :

    1 - stop chkservd from restarting exim when you stop it in step 2 (/etc/init.d/chkservd stop)
    2 - stop exim (/etc/rc.d/init.d/exim stop)
    3 - Nuke the queue yourself:

    cd /var/spool/exim/input

    You'll see a directory for every case of every letter that has a corresponding message id beginning with that letter.

    just rm -rf * then re-start exim, or use a utility like find to just remove messages over xx minutes old (past 90-120 mins would be a good candidate).

    Cpanel's utility removes the queue without actually taking exim down, which takes much longer and is impractical when cleaning out a huge queue (and not too load friendly either)

    Even if you're removing the queue, once an hour every hour exim is going to try to deliver them. If the mail queue is huge you're better off doing it through ssh.

    I wrote this a while ago and never posted it anywhere (actually forgot I had it) which can help keep exim's queue from looming too big.

    Code:
    #!/bin/bash
    
    # Simple Exim Queue Cleaner
    # copyrighting this would be pitiful.
    
    # Set trip for however many minutes a queued message should be allowed to live ... 
    
    trip=120
    counter=0
    
    [ -d "/var/spool/exim/input" ] || exit 1
    
    echo "Scanning exim's queue for messages aging at or over $(($trip +1 )) minutes."
    cd /var/spool/exim/input
    for message in `find ? -cmin +$trip -print`; do
      if [ -f "$message" ]; then
        let "counter += 1"
        if [ "$1" = "--show" ]; then
          echo -en "$message\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b"
        fi
        rm -f $message`
        let "i += 1"
      fi
    done
    let "i = $i / 2"
    echo "Done. $i stale emails nuked."
    
    
    This is gentle enough to run via cron to help keep your queue from getting that big. Paste into a file and chmod +x ... I'd run it 2 - 3 times a day on servers that tend to get a bunch of incoming or reciprocal junk.

    The above takes a --show as argv[1] to produce output as it goes, else just send to /dev/null in a cron with no arguments.

    HTH
    :)

    This is probably obvious, but just in case I've edited the post to add :

    don't forget to restart chkservd ;)
     
    #2 netkinetics, Feb 9, 2006
    Last edited: Feb 9, 2006
  3. rip_curl

    rip_curl Well-Known Member

    Joined:
    Jan 30, 2005
    Messages:
    81
    Likes Received:
    0
    Trophy Points:
    6
    Thank you very much for your posting

    I have one more question can cppop fail because I have over 3 000 mails in queue?
     
  4. rustelekom

    rustelekom Well-Known Member
    PartnerNOC

    Joined:
    Nov 13, 2003
    Messages:
    290
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    moscow
    no. it cannot.
     
  5. lloyd_tennison

    lloyd_tennison Well-Known Member

    Joined:
    Mar 12, 2004
    Messages:
    698
    Likes Received:
    1
    Trophy Points:
    18
    It is more important to know why your queue is large. Spammers on your server could be one reason among many others.
     
  6. netkinetics

    netkinetics Well-Known Member

    Joined:
    May 14, 2004
    Messages:
    62
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Home is Baltimore, MD - Currently in the Philippin
    Agreed and I would like to add, the above stuff I posted is just the last line of defense in case you're out having drinks and some ignorant pleab fills up your mail queue.

    An over active queue could come from :

    Spammers
    Hosting forums falling victim to many robot sign ups
    insecure contact forms


    All kinds of wonderful things. exim_mainlog will tell you what you need to know :) An over active queue is symptomatic of something larger... unless you just have a REALLY full server.
     
  7. rip_curl

    rip_curl Well-Known Member

    Joined:
    Jan 30, 2005
    Messages:
    81
    Likes Received:
    0
    Trophy Points:
    6
    i have a "cppop failed" message in my server.
    and users can't connetct to server. what can it be?
    what should I check first?
     
  8. netkinetics

    netkinetics Well-Known Member

    Joined:
    May 14, 2004
    Messages:
    62
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Home is Baltimore, MD - Currently in the Philippin
    You really need to get an admin to look. Something is sending an enormous amount of email and all of the exim (and subsequent processes to catch all the bounces) are preventing other services from forking.

    I would (on a hunch) try

    /usr/sbin/lsof | grep /home as root .. and look for things like email.txt , emails.txt

    If that fails replace home with tmp ..

    You could also try lsof -I (cap i ) and check open inet sockets to see if someone's left you a present sending emails ..

    Someone is abusing your mailer. You need to find out who and null route that MX quickly or the bounced emails will continue to flood the server long after you terminate the account. Hopefully the ttl's aren't too high.

    Step 1 - find them
    Step 2 - Suspend them
    Step 3 - Remove their MX entry right away and reload the zone.
    Step 4 - 40 mins later term the account, and all should stop.

    That should save you the 4 hours (default ttl) of bounced emails coming back at your server.

    If this is a "nobody" spammer (i.e. not sent with anything using suexec) then just term the vhost. There shouldn't be a MX record for the server's hostname .. so once you nuke em it'll quiet down :)

    Hope this helps :) Again - I'd get an admin.
     
    #8 netkinetics, Feb 10, 2006
    Last edited: Feb 10, 2006
  9. rip_curl

    rip_curl Well-Known Member

    Joined:
    Jan 30, 2005
    Messages:
    81
    Likes Received:
    0
    Trophy Points:
    6
    thank you very much for your help.
    A'm a newbie at this & i wanna to an admin myself. :)
     
  10. netkinetics

    netkinetics Well-Known Member

    Joined:
    May 14, 2004
    Messages:
    62
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Home is Baltimore, MD - Currently in the Philippin
    your toolbox for catching a spammer is going to be learning exim's log format, and seeing what you can do with lsof and grep.

    try man lsof (lists open files) to see what you can do. Its a great birds eye view on what everyone has open (and what applications (like exim) are using it.

    Good luck :)
     
Loading...

Share This Page