Author Topic: To many spams - Postfix Mail Queue  (Read 13049 times)

0 Members and 1 Guest are viewing this topic.

Offline
*
To many spams - Postfix Mail Queue
« on: April 18, 2018, 07:09:35 PM »

On my email account has received more than 32 000 spams( in 12h )

When I have tried to delete those spams on page ( CWP Admin > Email > Manage Mail Queue )

I have got a error message:

Code: [Select]
Fatal error

:  Maximum execution time of 90 seconds exceeded in /usr/local/cwpsrv/htdocs/resources/admin/modules/mail_queue.php  on line 0

I stopped Postfix Mail Server, but next day it's activate again by itself, and now I have more than 53 900 spams for one email account.

I have tried to set new password, but it is not helped.

How to remove those spams?

Thanks

Offline
*
Re: To many spams - Postfix Mail Queue
« Reply #1 on: April 18, 2018, 10:40:21 PM »
#1 - You should change the configuration of your mail server so that the spam filters are enabled. This is to block further receipt of spam mails.

CPanel > Email > MailServer Manager > enable AntiSpam/AntiVirus + rDNS Check if not already enabled > Rebuild mail server.

#2 - To clean up a massive amount of e-mails in the postfix queue, the web interface is not going to work. You'll need to connect to the server using a SSH client, log in with a standard account, SU to get root, then create a PERL script file using the code below and run it with the source or destination e-mail address as parameter:

Code: [Select]
#!/usr/bin/perl -w
#
# pfdel - deletes message containing specified address from
# Postfix queue. Matches either sender or recipient address.
#
# Usage: pfdel <email_address>
#

use strict;

# Change these paths if necessary.
my $LISTQ = "/usr/sbin/postqueue -p";
my $POSTSUPER = "/usr/sbin/postsuper";

my $email_addr = "";
my $qid = "";
my $euid = $>;

if ( @ARGV !=  1 ) {
die "Usage: pfdel <email_address>\n";
} else {
$email_addr = $ARGV[0];
}

if ( $euid != 0 ) {
        die "You must be root to delete queue files.\n";
}


open(QUEUE, "$LISTQ |") ||
  die "Can't get pipe to $LISTQ: $!\n";

my $entry = <QUEUE>; # skip single header line
$/ = ""; # Rest of queue entries print on
# multiple lines.
while ( $entry = <QUEUE> ) {
if ( $entry =~ / $email_addr$/m ) {
($qid) = split(/\s+/, $entry, 2);
$qid =~ s/[\*\!]//;
next unless ($qid);

#
# Execute postsuper -d with the queue id.
# postsuper provides feedback when it deletes
# messages. Let its output go through.
#
if ( system($POSTSUPER, "-d", $qid) != 0 ) {
# If postsuper has a problem, bail.
die "Error executing $POSTSUPER: error " .
   "code " .  ($?/256) . "\n";
}
}
}
close(QUEUE);

if (! $qid ) {
die "No messages with the address <$email_addr> " .
  "found in queue.\n";
}

exit 0;

Save this somewhere (/root would be fine) as pfdel.pl, make it executable with chmod, then run it with keywords like:

./pfdel.pl somedomain.tld

This would process the entire mail queue and delete all mails with the specified text in the e-mail address of sender or receiver.
« Last Edit: April 18, 2018, 10:44:05 PM by puterfixer »

Offline
*
Re: To many spams - Postfix Mail Queue
« Reply #2 on: April 19, 2018, 07:49:56 PM »
I have already had AntiSpam/AntiVirus enabled on my mail server.

How to clean up all e-mails in the postfix queue? Do you know Command lines for that?

Actually I want to clean all mails on my server...

Thanks

Offline
*
Re: To many spams - Postfix Mail Queue
« Reply #3 on: April 22, 2018, 06:37:41 AM »
I disabled send mail and setup server cron.
Code: [Select]
*/5 * * * * /usr/sbin/postsuper -d ALL

Offline
*
Re: To many spams - Postfix Mail Queue
« Reply #4 on: April 23, 2018, 12:05:25 PM »
before deleting any emails you should check from where they come as it can be internal hacked php script

here are the postfix commands to clean your mail queue
http://wiki.centos-webpanel.com/postfix-mail-server-commands
VPS & Dedicated server provider with included FREE Managed support for CWP.
http://www.studio4host.com/

*** Don't allow that your server or website is down, choose hosting provider with included expert managed support for your CWP.

Offline
*
Re: To many spams - Postfix Mail Queue
« Reply #5 on: May 02, 2018, 12:42:02 AM »
Thank You

Offline
*
Re: To many spams - Postfix Mail Queue
« Reply #6 on: December 29, 2019, 05:54:09 PM »
TRY ADDING RBLS TO CHECK MAILS WITH BLACKLIST
HERE FIND THE USE CODE AND UPDATE IN POSTFIX MAIN.CNF FILE
Code: [Select]
smtpd_recipient_restrictions = permit_sasl_authenticated,
 permit_mynetworks,
 check_client_access hash:/etc/postfix/sender_whitelist,
 check_client_access hash:/etc/postfix/sender_blacklist,
 reject_unauth_destination,
 reject_non_fqdn_sender,reject_unknown_sender_domain,
 check_sender_access hash:/etc/postfix/access,
 reject_non_fqdn_recipient,
 reject_unknown_recipient_domain,
 reject_rbl_client zen.spamhaus.org,
 reject_rbl_client bl.spamcop.net,
 reject_rbl_client dnsbl.sorbs.net,
 reject_rbl_client cbl.abuseat.org,
 reject_rbl_client b.barracudacentral.org,
 reject_rbl_client dnsbl-1.uceprotect.net,
 reject_rbl_client noptr.spamrats.com,
 reject_rbl_client dyna.spamrats.com,
 reject_rbl_client spam.spamrats.com,
 reject_rbl_client dnsbl.inps.de,
 reject_rbl_client combined.abuse.ch,
 reject_rbl_client bl.blocklist.de,
 reject_rbl_client dnsbl.darklist.de,
 reject_rbl_client dnsrbl.org,
 reject_rbl_client spamlist.or.kr,
 reject_rbl_client dnsbl.openresolvers.org,
 reject_rbl_client dnsbl-2.uceprotect.net,
 reject_rbl_client dnsbl-3.uceprotect.net,
 reject_rbl_client blacklist.woody.ch,
 reject_rbl_client xbl.spamhaus.org,
 reject_rbl_client sbl.spamhaus.org,
 reject_rbl_client pbl.spamhaus.org,
 reject_rbl_client misc.dnsbl.sorbs.net,
 reject_rbl_client zombie.dnsbl.sorbs.net,
 reject_rbl_client smtp.dnsbl.sorbs.net,
 reject_rbl_client socks.dnsbl.sorbs.net,
 reject_rbl_client spam.dnsbl.sorbs.net,
 reject_rbl_client http.dnsbl.sorbs.net,

Re: To many spams - Postfix Mail Queue
« Reply #7 on: December 30, 2019, 12:49:12 PM »
Easier to just use /etc/csf/csf.blocklist
 ???

Offline
*
Re: To many spams - Postfix Mail Queue
« Reply #8 on: December 31, 2019, 09:24:08 AM »
Hi

It's better to use rate limiting for incoming/outgoing mail, Also configure storage protection for mailbox .

Learn more :
How to Secure CWP Postfix and Dovecot with Lets Encrypt SSL Certificate?