|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: que fill up problem
From: Magnus Bäck (magnus
dsek.lth.se)
Date: Fri Jan 02 2004 - 11:07:28 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Jan 02 10:44,
jparsonssutv.com wrote:
> I have a user that is infected with a virus, I have blocked thier
> access for now until they are clean, however i didn't get it shutdown
> before they filled up the mail queues with tons of junk mail all
> addressed to aol.com users. the emails forge the senders address, and
> the receipient addresses of the emails, are random or seem to be. the
> only constant on all the headers would be the IP address that the
> messages were sent from. so my question...
>
> is there a command or way to remove all mail from the queues that were
> sent from that IP address?
Use postcat(1) and grep(1) to check the contents of all mail in the
queues, and feed all matching queue ids to postsuper(1). The script
below is not tested, but should be reasonably correct (knock on wood).
#!/bin/sh
IFS=","
PURGE=/tmp/purge
cd `postconf -h queue_directory`
for dir in `postconf -h hash_queue_names` ; do
for msg in `find $dir -type f -print` ; do
if postcat $msg | \
grep '^Received: .*aaa\.bbb\.ccc\.ddd' > /dev/null 2>&1 ;
then
echo `basename $msg` >> $PURGE
fi
done
done
postsuper -d - < $PURGE
rm -f $PURGE
(Yes, this will take some time if you've got thousands of messages
queued up...)
--
Magnus Bäck
magnusdsek.lth.se
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]