Control Web Panel
WebPanel => E-Mail => Topic started by: Damir on April 18, 2018, 07:09:35 PM
-
On my email account has received more than 32 000 spams( in 12h )
When I have tried to delete those spams on page ( CWP Admin > Email > Manage Mail Queue )
I have got a error message:
Fatal error
: Maximum execution time of 90 seconds exceeded in /usr/local/cwpsrv/htdocs/resources/admin/modules/mail_queue.php on line 0
I stopped Postfix Mail Server, but next day it's activate again by itself, and now I have more than 53 900 spams for one email account.
I have tried to set new password, but it is not helped.
How to remove those spams?
Thanks
-
#1 - You should change the configuration of your mail server so that the spam filters are enabled. This is to block further receipt of spam mails.
CPanel > Email > MailServer Manager > enable AntiSpam/AntiVirus + rDNS Check if not already enabled > Rebuild mail server.
#2 - To clean up a massive amount of e-mails in the postfix queue, the web interface is not going to work. You'll need to connect to the server using a SSH client, log in with a standard account, SU to get root, then create a PERL script file using the code below and run it with the source or destination e-mail address as parameter:
#!/usr/bin/perl -w
#
# pfdel - deletes message containing specified address from
# Postfix queue. Matches either sender or recipient address.
#
# Usage: pfdel <email_address>
#
use strict;
# Change these paths if necessary.
my $LISTQ = "/usr/sbin/postqueue -p";
my $POSTSUPER = "/usr/sbin/postsuper";
my $email_addr = "";
my $qid = "";
my $euid = $>;
if ( @ARGV != 1 ) {
die "Usage: pfdel <email_address>\n";
} else {
$email_addr = $ARGV[0];
}
if ( $euid != 0 ) {
die "You must be root to delete queue files.\n";
}
open(QUEUE, "$LISTQ |") ||
die "Can't get pipe to $LISTQ: $!\n";
my $entry = <QUEUE>; # skip single header line
$/ = ""; # Rest of queue entries print on
# multiple lines.
while ( $entry = <QUEUE> ) {
if ( $entry =~ / $email_addr$/m ) {
($qid) = split(/\s+/, $entry, 2);
$qid =~ s/[\*\!]//;
next unless ($qid);
#
# Execute postsuper -d with the queue id.
# postsuper provides feedback when it deletes
# messages. Let its output go through.
#
if ( system($POSTSUPER, "-d", $qid) != 0 ) {
# If postsuper has a problem, bail.
die "Error executing $POSTSUPER: error " .
"code " . ($?/256) . "\n";
}
}
}
close(QUEUE);
if (! $qid ) {
die "No messages with the address <$email_addr> " .
"found in queue.\n";
}
exit 0;
Save this somewhere (/root would be fine) as pfdel.pl, make it executable with chmod, then run it with keywords like:
./pfdel.pl somedomain.tld
This would process the entire mail queue and delete all mails with the specified text in the e-mail address of sender or receiver.
-
I have already had AntiSpam/AntiVirus enabled on my mail server.
How to clean up all e-mails in the postfix queue? Do you know Command lines for that?
Actually I want to clean all mails on my server...
Thanks
-
I disabled send mail and setup server cron.
*/5 * * * * /usr/sbin/postsuper -d ALL
-
before deleting any emails you should check from where they come as it can be internal hacked php script
here are the postfix commands to clean your mail queue
http://wiki.centos-webpanel.com/postfix-mail-server-commands
-
Thank You
-
TRY ADDING RBLS TO CHECK MAILS WITH BLACKLIST
HERE FIND THE USE CODE AND UPDATE IN POSTFIX MAIN.CNF FILE
smtpd_recipient_restrictions = permit_sasl_authenticated,
permit_mynetworks,
check_client_access hash:/etc/postfix/sender_whitelist,
check_client_access hash:/etc/postfix/sender_blacklist,
reject_unauth_destination,
reject_non_fqdn_sender,reject_unknown_sender_domain,
check_sender_access hash:/etc/postfix/access,
reject_non_fqdn_recipient,
reject_unknown_recipient_domain,
reject_rbl_client zen.spamhaus.org,
reject_rbl_client bl.spamcop.net,
reject_rbl_client dnsbl.sorbs.net,
reject_rbl_client cbl.abuseat.org,
reject_rbl_client b.barracudacentral.org,
reject_rbl_client dnsbl-1.uceprotect.net,
reject_rbl_client noptr.spamrats.com,
reject_rbl_client dyna.spamrats.com,
reject_rbl_client spam.spamrats.com,
reject_rbl_client dnsbl.inps.de,
reject_rbl_client combined.abuse.ch,
reject_rbl_client bl.blocklist.de,
reject_rbl_client dnsbl.darklist.de,
reject_rbl_client dnsrbl.org,
reject_rbl_client spamlist.or.kr,
reject_rbl_client dnsbl.openresolvers.org,
reject_rbl_client dnsbl-2.uceprotect.net,
reject_rbl_client dnsbl-3.uceprotect.net,
reject_rbl_client blacklist.woody.ch,
reject_rbl_client xbl.spamhaus.org,
reject_rbl_client sbl.spamhaus.org,
reject_rbl_client pbl.spamhaus.org,
reject_rbl_client misc.dnsbl.sorbs.net,
reject_rbl_client zombie.dnsbl.sorbs.net,
reject_rbl_client smtp.dnsbl.sorbs.net,
reject_rbl_client socks.dnsbl.sorbs.net,
reject_rbl_client spam.dnsbl.sorbs.net,
reject_rbl_client http.dnsbl.sorbs.net,
-
Easier to just use /etc/csf/csf.blocklist
???
-
Hi
It's better to use rate limiting for incoming/outgoing mail, Also configure storage protection for mailbox .
Learn more :
How to Secure CWP Postfix and Dovecot with Lets Encrypt SSL Certificate? (https://www.awsmonster.com/2019/09/how-to-secure-cwp-postfix-and-dovecot.html)