Log file location: /usr/local/psa/var/log/maillog
How do I repair Qmail configuration
# /usr/local/psa/admin/sbin/mchk --help
Synopsis:
mchk [OPTION]
--without-spam - restore all settings except for SpamAssassin configuration
--with-spam - restore all settings
--spam-only - restore only SpamAssassin settings
eg: # /usr/local/psa/admin/sbin/mchk --with-spam
Managing a QMail queue
/var/qmail/bin/qmail-showctl will show info about qmail setup.
/var/qmail/bin/qmail-qstat will show what is in the mail queue.
# to clear the queue
{
/etc/init.d/qmail stop
cd /var/qmail/queue
rm -rf info intd local mess remote todo
mkdir mess
for i in `seq 0 22`; do
mkdir mess/$i
done
cp -r mess info
cp -r mess intd
cp -r mess local
cp -r mess remote
cp -r mess todo
chmod -R 750 mess todo
chown -R qmailq:qmail mess todo
chmod -R 700 info intd local remote
chown -R qmailq:qmail intd
chown -R qmails:qmail info local remote
/etc/init.d/qmail start
}
qmHandle
qmHandle is a handy tool for manipulating the qmail queue, and for gathering some basic statistics about it.
To install it (to your current directory) run:
wget -O - "http://easynews.dl.sourceforge.net/sourceforge/qmhandle/qmhandle-1.3.2.tar.gz" | tar xzf -
If you're using qmHandle with Plesk's qmail, try an older version that doesn't attempt to stop qmail with 'svc':
wget -O - "http://easynews.dl.sourceforge.net/sourceforge/qmhandle/qmhandle-1.2.0.tar.gz" | tar xzf -
If you have a lot of bounce notices sitting in your queue, try running:
./qmHandle -S'failure notice'
The -S means ' delete all messages that have/contain text as Subject'.
Need to track who sent an email?
Need to track who sent a particular email from your server? e.g. if a user account is compromised and you need to see which user account?
The email will have headers like:
Received: (qmail 13711 invoked from network); 26 Jun 2007 02:55:46 -0000
Received: from hpbizway.com.ar (HELO User) (1.2.3.4)
by example.com with SMTP; 26 Jun 2007 02:55:46 -0000
The 'invoked from network' means the email was received from an external host (e.g. it was not send from a program like apache on your server itself).
The IP that sent the email was 1.2.3.4
So run:
grep 1.2.3.4 /var/log/messages
(Use whatever IP you need to there).
And you will find which user that IP was using. e.g.
/var/log/messages:Jun 26 16:17:35 example smtp_auth: SMTP connect from unknown@hpbizway.com.ar [1.2.3.4]
/var/log/messages:Jun 26 16:17:35 example smtp_auth: smtp_auth: SMTP user claudia
In this case it is the 'claudia' user. And a suitable follow up would be to, say, change the password on that user account.
QMail maxing out the CPU
Do you have lots of /var/qmail/bin/qmail-smtpd processes? All using lots of CPU?
Are you missing files named /var/qmail/control/dh512.pem and /var/qmail/control/dh1024.pem?
Do you have /var/qmail/control/dhparams512.pem and /var/qmail/control/dhparams1024.pem?
In this case it may be that your qmail process is generating a ssl key for each connection, rather than using a pre-prepared one.
The fix is to run:
cp /var/qmail/control/dhparams512.pem /var/qmail/control/dh512.pem
cp /var/qmail/control/dhparams1024.pem /var/qmail/control/dh1024.pem
Then you may also need to restart xinetd with
/etc/init.d/xinetd restart
No comments:
Post a Comment