IMAP SMTP auth & SPAM

Posted by alex almazan Mon, 31 Dec 2007 20:44:00 GMT

These handy bits of one line foo are straight from one of the smartest and strangest admins I have had the pleaure of meeting. He is always crafting these sort of tools for use.

Tally of who failed SMTP Auth login: 
grep "smtp_auth: .* connect from" /var/log/messages | awk '{print $2"/"$1"/2007:"$3"\t"$9"\t"$10}' | sed -e "s/\[//g" -e "s/\]//g"
And their IPs 
grep "smtp_auth: SMTP connect from" /var/log/messages | awk '{print $10}' | sed -e "s/\[//g" -e "s/\]//g" | sort -n | uniq -c | sort -nr | head -20
Tally of who succeeded SMTP Auth login: 
grep "smtp_auth: smtp_auth: SMTP user " /var/log/messages | grep "logged in from " | awk '{print $2"/"$1"/2007:"$3"\t"$9"\t"$16}' | sed -e "s/\[//g" -e "s/\]//g"
And their IPs 
grep "smtp_auth: smtp_auth: SMTP user " /var/log/messages | grep "logged in from " | awk '{print $16}' | sed -e "s/\[//g" -e "s/\]//g" | sort -n | uniq -c | sort -nr | head -20

Rebuild Qmail Queue

Posted by alex almazan Mon, 17 Dec 2007 23:44:00 GMT

Two methods for rebuilding the qmail queue.

First stop Qmail 
# /etc/init.d/qmail stop
or 
service qmail stop

# cd /var/qmail/queue
# rm -rf info intd local mess remote todo
Create the necessary directories 
# mkdir mess
# for i in `seq 0 22`; do
# mkdir mess/$i
# done
# cp -r mess info
# cp -r mess intd
# cp -r mess local
# cp -r mess remote
# cp -r mess todo
assign nexessary attributes 
# chmod -R 750 mess todo
# chown -R qmailq:qmail mess todo
# chmod -R 700 info intd local remote
# chown -R qmailq:qmail intd
# chown -R qmails:qmail info local remote
Finally start Qmail 
# /etc/init.d/qmail start
or 
service qmail start

Here is the alternate method

http://kb.swsoft.com/en/252

Older posts: 1 2 3