Thursday, October 22, 2009

EXIM Mail Server Commands

To send mail from a server,

mail -v emailid
Press "." till finishes

Check the status from
tail -f /var/log/exim_mainlog

####################
# Queues information
####################
Queues information

Print a count of the messages in the queue:
Quote:
root@localhost# exim -bpc

Print a listing of the messages in the queue (time queued, size,
message-id, sender, recipient):
Quote:
root@localhost# exim -bp

Print a summary of messages in the queue (count, volume, oldest, newest,
domain, and totals):
Quote:
root@localhost# exim -bp | exiqsumm

Generate and display Exim stats from a logfile:
Quote:
root@localhost# eximstats /path/to/exim_mainlog

Generate and display Exim stats from a logfile, with less verbose
output:
Quote:
root@localhost# eximstats -ne -nr -nt /path/to/exim_mainlog

Generate and display Exim stats from a logfile, for one particular day:
Quote:
root@localhost# fgrep 2007-02-16 /path/to/exim_mainlog | eximstats

Print what Exim is doing right now:
Quote:
root@localhost# exiwhat

To delete frozen emails
Quote:
exim -bp | awk '$6~"frozen" { print $3 }' | xargs exim -Mrm

To deliver emails forcefully
Quote:
exim -qff -v -C /etc/exim.conf &

To delete nobody mails
Quote:
exim -bp | grep nobody | awk '{print $3}' | xargs exim -Mrm
delete all mails

exim -bp | awk '{print $3}' | xargs exim -Mrm

#####################
# Searching the queue
#####################
Searching the queue

Exim includes a utility that is quite nice for grepping through the
queue, called exiqgrep. Learn it. Know it. Live it. If you're not using
this, and if you're not familiar with the various flags it uses, you're
probably doing things the hard way, like piping `exim -bp` into awk,
grep, cut, or `wc -l`.

Search the queue for messages from a specific sender:
Quote:
root@localhost# exiqgrep -f [luser]@domain

Search the queue for messages for a specific recipient/domain:
Quote:
root@localhost# exiqgrep -r [luser]@domain

Print just the message-id as a result of one of the above two searches:
Quote:
root@localhost# exiqgrep -i [ -r | -f ] ...

Print a count of messages matching one of the above searches:
Quote:
root@localhost# exiqgrep -c [ -r | -f ] ...

Print just the message-id of the entire queue:
Quote:
root@localhost# exiqgrep -i

Managing the queue, Start a queue run:
Quote:
root@localhost# exim -q -v

Start a queue run for just local deliveries:
Quote:
root@localhost# exim -ql -v

Remove a message from the queue:
Quote:
root@localhost# exim -Mrm [ ... ]

Freeze a message:
Quote:
root@localhost# exim -Mf [ ... ]

Thaw a message:
Quote:
root@localhost# exim -Mt [ ... ]

Deliver a specific message:
Quote:
root@localhost# exim -M [ ... ]

Force a message to fail and bounce:
Quote:
root@localhost# exim -Mg [ ... ]

Remove all frozen messages:
Quote:
root@localhost# exiqgrep -z -i | xargs exim -Mrm

Remove all messages older than five days (86400 * 5 = 432000 seconds):
Quote:
root@localhost# exiqgrep -o 1296000 -i | xargs exim -Mrm

Freeze all queued mail from a given sender:
Quote:
root@localhost# exiqgrep -i -f luser@example.tld | xargs exim -Mf

View a message's headers:
Quote:
root@localhost# exim -Mvh

View a message's body:
Quote:
root@localhost# exim -Mvb

View a message's logs:
Quote:
root@localhost# exim -Mvl
--------------------------------------------------------------------------------
#############################
# Message-IDs and spool files
#############################
Message-IDs and spool files
Message-IDs and spool files

The message-IDs that Exim uses to refer to messages in its queue are
mixed-case alpha-numeric, and take the form of: XXXXXX-YYYYYY-ZZ. Most
commands related to managing the queue and logging use these
message-ids.
There are three -- count 'em, THREE -- files for each message in the
spool directory. If you're dealing with these files by hand, instead of
using he appropriate exim commands as detailed below, make sure you get
them all, and don't leave Exim with remnants of messages in the queue.

Files in /var/spool/exim/msglog contain logging information for each
message and are named the same as the message-id.

Files in /var/spool/exim/input are named after the message-id, plus a
suffix denoting whether it is the envelope header (-H) or message data
(-D).

These directories may contain further hashed subdirectories to deal with
larger mail queues, so don't expect everything to always appear directly
on the top /var/spool/exim/input or /var/spool/exim/msglog directories;
any searches or greps will need to be recursive. See if there is a
proper way to do what you're doing before working directly on the spool
files.
---------------------------------------------------------------------------------------------------------------------------------------------
###################
# Setting Exim Mail
###################
Setting Exim Mail
One common problem people have is an incorrectly setup mail system. Here
is a list of rules that must be followed:

1) hostname must not match any domain that is being used on the system.
Example, if you have a domain called domain.com and you want to recieve
mail on user@domain.com, you must *not* set your hostname to domain.com.
We recommend using server.domain.com instead. You must make sure that
you add the A record for server.domain.com so that it resolves.

2) The hostname must be in the /etc/virtual/domains file.

3) The hostname must *not* be in the /etc/virtual/domainowners file.

4) The hostname must resolve. If not, add the required A records to the
dns zone such that it does.

5) The directory /etc/virtual/hostname must exist..
(eg: /etc/virtual/server.domain.com). It must not contain any files.

6) Any domains that you want to use for email (eg: domain.com) must be
in both the /etc/virtual/domains file and the /etc/virtual/domainowners
file. The directory /etc/virtual/domain.com must exist and the
files /etc/virtual/domain.com/passwd and /etc/virtual/domain.com/aliases
exist.

7) File permissions for virtual pop inboxes should be:
Quote:
/var/spool/virtual/domain.com 770 username:mail
/var/spool/virtual/domain.com/* 660 username:mail
If you've made any changes to you /etc/exim.conf file and require a
fresh copy, you can retrieve one by running
Quote:
wget -O /etc/exim.conf http://files.directadmin.com/services/exim4.conf
A restart of exim is required after installing a new exim.conf file.

8) Ensure your hostname does not contain any upper case letters.

9) Make sure that your main server IP has a reverse lookup on it.
---------------------------------------------------------------------------------------------------------------------------------------------

###################
# Exim Error Fixing
###################
Exim Error Fixing
550-Verification failed for user@email.com

This error will occur if exim cannot verify the sending email address.
This might be because the domain doesn't return an MX record, or the
email account itself doesn't exist.

To disable the check, edit your /etc/exim.conf and change

Quote:
require verify = sender
to
#require verify = sender

And then restart exim.
---------------------------------------------------------------------------------------------------------------------------------------------

550 Sender verify failed

If we face the 550 Sender verify failed error message while sending the
mails or receving the mails from a domain then the possible reasons can
be

1) Reverse DNS entries for MX records
2) Acceptance of postmaster address in DNS Report.

Simply, check the "/etc/valiases/domain.com" file and replace "fail" or
"blackhole" with a valid email account on that domain.
Then restart exim on server.

This will fix the error in "Acceptance of postmaster address" on DNS
Report page.
---------------------------------------------------------------------------------------------------------------------------------------------

550 Relaying denied

We do not see the sendmail configurations removed. Please take a minute
to read the sendmail documentation at:
http://www.sendmail.org/~ca/email/relayingdenied.html

There are two cases in which you may get an undesired 550 Relaying
denied:

1. local sender to external recipient: Then the relay (relay=host.domain
[IP.ADD.RE.SS]) must be in the relevant classes or maps:
* 8.9-8.12: access map: RELAY, class R, or class m
* HACKs for 8.8: HACK(use_ip), HACK(use_names), or _LOCAL_IP_MAP_

What you are trying to do is what is described above as "local sender to
external recipient" and you are getting a relaying denied. The only
solution to this is to add your IP to the relay domain, and this is as
advised by the sendmail team themselves. Since they have clearly stated
it as thus, it is clear that sendmail is configured as above. Hence you
can either add an ip range to relay or will have to add them every time
you do it manually.

Here are the telnet results to port 25:

[root@niKx ~]# t 72.249.32.237 25
Trying 72.249.32.237...
Connected to sqatest.com (72.249.32.237).
Escape character is '^]'.
220 server.rozinskiy.com ESMTP Sendmail 8.13.1/8.13.1; Mon, 30 Apr 2007
00:04:16 -0500
helo yahoo.com
250 server.rozinskiy.com Hello [59.93.40.156], pleased to meet you
mail from: sqatest@odessit.com
250 2.1.0 sqatest@odessit.com... Sender ok
rcpt to: mailzoom@gmail.com
550 5.7.1 mailzoom@gmail.com... Relaying denied. IP name lookup failed
[IP]

[root@niKx ~]# t 72.249.32.237 25
Trying 72.249.32.237...
Connected to rozinskiy.com (72.249.32.237).
Escape character is '^]'.
220 server.rozinskiy.com ESMTP Sendmail 8.13.1/8.13.1; Mon, 30 Apr 2007
00:11:55 -0500
helo odessit.com
250 server.rozinskiy.com Hello [59.93.40.156], pleased to meet you
mail from: odessit@odessit.com
250 2.1.0 odessit@odessit.com... Sender ok
rcpt to: odessit@odessit.com
250 2.1.5 odessit@odessit.com... Recipient ok

As you can see, the second trial to a mail inside the server is
accepted. This clearly means, as you have identified earlier that your
IP address should be at the relay list to have the mails sent.

The Solution: The only solution in this case is to implement a script by
means of which an IP who logs into the server for pop is also allowed to
relay through the server dynamically. Since, sendmail by default does
not provide a solution to this, you can implement something that is
described here: http://lena.franken.de/linux/daemons.html ; the part
under "How to make SMTP after POP run without modifying daemons". We are
not sure of the functionality, but it is sure worth a try.
----------------------------------------------------------------------
##############
# Horde Issues
##############
Horde Issues
Horde scripts

/scripts/fullhordereset
/scripts/resethorde
---------------------------------------------------------------------------------------------------------------------------------------------

If there is a problem say, cannot login to horde or so, try this, you
just need to cut n paste the following at the shell, mysql prompt.
Before going for the below make sure database named horde exists or not.
If exists you need to delete it first then try the below.


create database horde;
use horde;
CREATE TABLE horde_users (
user_uid VARCHAR(255) NOT NULL,
user_pass VARCHAR(255) NOT NULL,
user_soft_expiration_date INT,
user_hard_expiration_date INT,

PRIMARY KEY (user_uid)
);

GRANT SELECT, INSERT, UPDATE, DELETE ON horde_users TO horde@localhost;

CREATE TABLE horde_prefs (
pref_uid VARCHAR(200) NOT NULL,
pref_scope VARCHAR(16) NOT NULL DEFAULT '',
pref_name VARCHAR(32) NOT NULL,
pref_value LONGTEXT NULL,

PRIMARY KEY (pref_uid, pref_scope, pref_name)
);

CREATE INDEX pref_uid_idx ON horde_prefs (pref_uid);
CREATE INDEX pref_scope_idx ON horde_prefs (pref_scope);
GRANT SELECT, INSERT, UPDATE, DELETE ON horde_prefs TO horde@localhost;

CREATE TABLE horde_datatree (
datatree_id INT NOT NULL,
group_uid VARCHAR(255) NOT NULL,
user_uid VARCHAR(255) NOT NULL,
datatree_name VARCHAR(255) NOT NULL,
datatree_parents VARCHAR(255) NOT NULL,
datatree_order INT,
datatree_data TEXT,
datatree_serialized SMALLINT DEFAULT 0 NOT NULL,

PRIMARY KEY (datatree_id)
);

CREATE INDEX datatree_datatree_name_idx ON horde_datatree
(datatree_name);
CREATE INDEX datatree_group_idx ON horde_datatree (group_uid);
CREATE INDEX datatree_user_idx ON horde_datatree (user_uid);
CREATE INDEX datatree_serialized_idx ON horde_datatree
(datatree_serialized);

CREATE TABLE horde_datatree_attributes (
datatree_id INT NOT NULL,
attribute_name VARCHAR(255) NOT NULL,
attribute_key VARCHAR(255) DEFAULT '' NOT NULL,
attribute_value TEXT
);

CREATE INDEX datatree_attribute_idx ON horde_datatree_attributes
(datatree_id);
CREATE INDEX datatree_attribute_name_idx ON horde_datatree_attributes
(attribute_name);
CREATE INDEX datatree_attribute_key_idx ON horde_datatree_attributes
(attribute_key);

GRANT SELECT, INSERT, UPDATE, DELETE ON horde_datatree TO
horde@localhost;
GRANT SELECT, INSERT, UPDATE, DELETE ON horde_datatree_attributes TO
horde@localhost;

CREATE TABLE horde_tokens (
token_address VARCHAR(100) NOT NULL,
token_id VARCHAR(32) NOT NULL,
token_timestamp BIGINT NOT NULL,

PRIMARY KEY (token_address, token_id)
);

GRANT SELECT, INSERT, UPDATE, DELETE ON horde_tokens TO horde@localhost;

CREATE TABLE horde_vfs (
vfs_id BIGINT NOT NULL,
vfs_type SMALLINT NOT NULL,
vfs_path VARCHAR(255) NOT NULL,
vfs_name VARCHAR(255) NOT NULL,
vfs_modified BIGINT NOT NULL,
vfs_owner VARCHAR(255) NOT NULL,
vfs_data LONGBLOB,

PRIMARY KEY (vfs_id)
);

CREATE INDEX vfs_path_idx ON horde_vfs (vfs_path);
CREATE INDEX vfs_name_idx ON horde_vfs (vfs_name);

GRANT SELECT, INSERT, UPDATE, DELETE ON horde_vfs TO horde@localhost;

CREATE TABLE horde_histories (
history_id BIGINT NOT NULL,
object_uid VARCHAR(255) NOT NULL,
history_action VARCHAR(32) NOT NULL,
history_ts BIGINT NOT NULL,
history_desc TEXT,
history_who VARCHAR(255),
history_extra TEXT,

PRIMARY KEY (history_id)
);

CREATE TABLE horde_histories_seq (
id int(10) unsigned NOT NULL auto_increment,
PRIMARY KEY (id)
);

CREATE TABLE horde_datatree_seq (
id int(10) unsigned NOT NULL auto_increment,
PRIMARY KEY (id)
);


CREATE INDEX history_action_idx ON horde_histories (history_action);
CREATE INDEX history_ts_idx ON horde_histories (history_ts);
CREATE INDEX history_uid_idx ON horde_histories (object_uid);

GRANT SELECT, INSERT, UPDATE, DELETE ON horde_histories TO
horde@localhost;
GRANT SELECT, INSERT, UPDATE, DELETE ON horde_histories_seq TO
horde@localhost;
GRANT SELECT, INSERT, UPDATE, DELETE ON horde_datatree_seq TO
horde@localhost;

CREATE TABLE horde_sessionhandler (
session_id VARCHAR(32) NOT NULL,
session_lastmodified INT NOT NULL,
session_data LONGBLOB,

PRIMARY KEY (session_id)
) ENGINE = InnoDB;

GRANT SELECT, INSERT, UPDATE, DELETE ON horde_sessionhandler TO
horde@localhost;

FLUSH PRIVILEGES;
---------------------------------------------------------------------------------------------------------------------------------------------

###############
# Squirrel Mail
###############
Squirrel Mail
If you have below mentioned error
Warning: main(../config/config.php): failed to open stream: No such file
or directory
in /usr/local/cpanel/base/3rdparty/squirrelmail/functions/global.php on
line 18

Fatal error: main(): Failed opening required
‘../config/config.php’ (include_path=’/usr/local/cpanel/3rdparty/lib/php/:.’) in /usr/local/cpanel/base/3rdparty/squirrelmail/functions/global.php on line 18

then run

/scripts/fixwebmail and if you get something like this:

chown: failed to get attributes of
`/usr/local/etc/cpanel/base/webmail/data’: No such file or directory
chmod: failed to get attributes of
`/usr/local/etc/cpanel/base/webmail/data’: No such file or directory

then execute via SSH
cp
-p /usr/local/cpanel/base/3rdparty/squirrelmail/config/config_default.php /usr/local/cpanel/base/3rdparty/squirrelmail/config/config.php
Thats it refresh your inbox page of squirrelmail now and you wont see
those errors there.
---------------------------------------------------------------------------------------------------------------------------------------------

If you are getting this error in your inbox of your squirrel mail
account

ERROR:
ERROR: Could not complete request.
Query: SELECT “INBOX.Drafts�
Reason Given: Unable to open this mailbox.

ERROR:
ERROR: Could not complete request.
Query: SELECT “INBOX.Sent�
Reason Given: Unable to open this mailbox.

then it simply means that there is some problem with the sent and Draft
folder in your email accounts just create that at its loacation and
assign the proper file permission to both the folders as well as check
the other configuration file in perticular format which is been needed
there as by your mail services you are using on the server.

fo example if you there is imap configured there for your account then
you can do this

Go to

cd /home/UserName/mail/Domainname.com/emailIDUsername/.Sent

mkdir new; mkdir cur; mkdir tmp
chown username.mail *
---------------------------------------------------------------------------------------------------------------------------------------------

#################################
# Converting To maildir on Server
#################################
Converting To maildir on Server
We Dont worry about converting to MailDir on server …follow this ….

A) /scripts/convert2maildir

choose option 1.. Backup all mail folders on this server
3.. Start maildir conversion process

B) /scripts/courierup –force

C) /scripts/eximup –force

D) /scripts/upcp –force

E) /scripts/convert2maildir

choose option 3… to convert partially converted mail accounts

#################
# exim optimizing
#################
----------
variables which already exist (cpanel servers), change their value to

smtp_receive_timeout = 100s
smtp_connect_backlog = 12
smtp_accept_max = 12

variables which donot exist and need to add them, can add below
'smtp_accept_max' (or any location within main section)



smtp_accept_max_per_connection = 3
smtp_accept_max_per_host = 5
smtp_accept_queue = 12
smtp_accept_keepalive = false
queue_only_load = 3
----------

Explaining the variables is beyond the scope of this mail. Note that
this will considerably reduce the volume of simultaneous incomming
mails. In busy servers you may see delay in receiving mails but will not
cause permanent failure. If the client complaints delay in receiving
mails you can increase the values (find the exact variable and increase
it). The above are optimized values which can be used most servers (used
in Bobby's servers).


After changing the values, restart exim and check the number of exim
process, they will be only 3 or 4 process (average).
######
# spam
######
Stop PHP nobody Spammers

Update: May 25, 2005:
- Added Logrotation details
- Added Sample Log Output

PHP and Apache has a history of not being able to track which users are sending out mail through the PHP mail function from the nobody user causing leaks in formmail scripts and malicious users to spam from your server without you knowing who or where.

Watching your exim_mainlog doesn't exactly help, you see th email going out but you can't track from which user or script is sending it. This is a quick and dirty way to get around the nobody spam problem on your Linux server.

If you check out your PHP.ini file you'll notice that your mail program is set to: /usr/sbin/sendmail and 99.99% of PHP scripts will just use the built in mail(); function for PHP - so everything will go through /usr/sbin/sendmail =)

Requirements:
We assume you're using Apache 1.3x, PHP 4.3x and Exim. This may work on other systems but we're only tested it on a Cpanel/WHM Red Hat Enterprise system.

Time:
10 Minutes, Root access required.

Step 1)
Login to your server and su - to root.

Article provided by WebHostGear.com

Step 2)
Turn off exim while we do this so it doesn't freak out.
/etc/init.d/exim stop

Step 3)
Backup your original /usr/sbin/sendmail file. On systems using Exim MTA, the sendmail file is just basically a pointer to Exim itself.
mv /usr/sbin/sendmail /usr/sbin/sendmail.hidden

Step 4)
Create the spam monitoring script for the new sendmail.
pico /usr/sbin/sendmail

Paste in the following:


#!/usr/local/bin/perl

# use strict;
use Env;
my $date = `date`;
chomp $date;
open (INFO, ">>/var/log/spam_log") || die "Failed to open file ::$!";
my $uid = $>;
my @info = getpwuid($uid);
if($REMOTE_ADDR) {
print INFO "$date - $REMOTE_ADDR ran $SCRIPT_NAME at $SERVER_NAME n";
}
else {

print INFO "$date - $PWD - @infon";

}
my $mailprog = '/usr/sbin/sendmail.hidden';
foreach (@ARGV) {
$arg="$arg" . " $_";
}

open (MAIL,"|$mailprog $arg") || die "cannot open $mailprog: $!n";
while ( ) {
print MAIL;
}
close (INFO);
close (MAIL);


Step 5)
Change the new sendmail permissions
chmod +x /usr/sbin/sendmail

Step 6)
Create a new log file to keep a history of all mail going out of the server using web scripts
touch /var/log/spam_log

chmod 0777 /var/log/spam_log

Step 7)
Start Exim up again.
/etc/init.d/exim start

Step 8)
Monitor your spam_log file for spam, try using any formmail or script that uses a mail function - a message board, a contact script.
tail - f /var/log/spam_log

Sample Log Output

Mon Apr 11 07:12:21 EDT 2005 - /home/username/public_html/directory/subdirectory - nobody x 99 99 Nobody / /sbin/nologin

Log Rotation Details
Your spam_log file isn't set to be rotated so it might get to be very large quickly. Keep an eye on it and consider adding it to your logrotation.

pico /etc/logrotate.conf

FIND:
# no packages own wtmp -- we'll rotate them here
/var/log/wtmp {
monthly
create 0664 root utmp
rotate 1
}

ADD BELOW:

# SPAM LOG rotation
/var/log/spam_log {
monthly
create 0777 root root
rotate 1
}
Posted by at

2 comments:

Anonymous said...

I congratulate, the remarkable answer...

August 13, 2010 at 2:25 PM
Anonymous said...

Hej , mitt namn är Yohan och jag fann detta forum och dess medlemmar riktigt nice!

November 15, 2012 at 9:48 PM

Post a Comment

Subscribe to: Post Comments (Atom)