Spam Protection: Alert when there are spammers sending email from your server
Over the past few days, someone hacked into one of our accounts and used it to send spam massively. We immediately changed the password of that account (and of all the others) and applied stronger security protection. But to be sure that we learn of any problem sooner (before the server is blacklisted by Google Mail, Yahoo Mail and other ISPs), we wanted a way to monitor the number of emails currently in the queue, so that if it is abnormal we know immediately to take action. We got this script from http://crazyadmins.com/viewtopic.php?f=15&t=55 to monitor the mail queue and alert us if it goes higher than 20 emails at a time.
```bash
#!/bin/bash
# Script from www.crazyadmins.com to alert admin about larger mail queue
# Save the file as eximqueue.sh

######### Edit here ##########
_mail_user=your@mail.com   # Set this to your email id to receive alerts on mail queue
_limit=200                 # Set the limit here
##############################

clear;
_result="/tmp/eximqueue.txt"
_queue="`exim -bpc`"       # exim -bpc prints the number of messages in the queue

if [ "$_queue" -ge "$_limit" ]; then
    # Build the report: current count plus a per-domain summary of the queue
    echo "Current queue is: $_queue" > "$_result"
    echo "Summary of Mail queue" >> "$_result"
    echo "`exim -bp | exiqsumm`" >> "$_result"
    mail -s "Number of mails on `hostname` : $_queue" "$_mail_user" < "$_result"
    cat "$_result"
fi
rm -f "$_result"
```
The script did not work for us at first. For it to work when run from cron, we needed to add:
```bash
TERM=linux
export TERM
```
We also had to change every instance of the Exim commands to include the /usr/sbin/ path (otherwise it reports "command not found").
In the end it looks like this:
```bash
#!/bin/bash
# cron provides no terminal, so set TERM for the clear command below
TERM=linux
export TERM
# Script from www.crazyadmins.com to alert admin about larger mail queue
# Save the file as eximqueue.sh

######### Edit here ##########
_mail_user=your@mail.com   # Set this to your email id to receive alerts on mail queue
_limit=200                 # Set the limit here
##############################

clear;
_result="/tmp/eximqueue.txt"
_queue="`/usr/sbin/exim -bpc`"   # exim -bpc prints the number of messages in the queue

if [ "$_queue" -ge "$_limit" ]; then
    # Build the report: current count plus a per-domain summary of the queue
    echo "Current queue is: $_queue" > "$_result"
    echo "Summary of Mail queue" >> "$_result"
    echo "`/usr/sbin/exim -bp | /usr/sbin/exiqsumm`" >> "$_result"
    mail -s "ALERT: Number of mails on `hostname` : $_queue" "$_mail_user" < "$_result"
    cat "$_result"
fi
rm -f "$_result"
```
We set this up to run every minute and we feel better now. Hope that will save you some time too.
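The queue-size alert tells you that something is wrong, but not which account is responsible. As an added example (not part of the original post or the crazyadmins script), the function below parses `exim -bp` output and counts queued messages per envelope sender; the function names, the threshold and the sample queue listing are constructed for illustration.

```shell
#!/bin/bash
# Added example: per-sender breakdown of an Exim queue listing.
# top_senders LIMIT reads `exim -bp` output on stdin and prints
# "count sender" for every envelope sender with at least LIMIT queued messages.
top_senders() {
    awk -v limit="$1" '
        # Entry header line: age, size, message-id, <sender> [*** frozen ***]
        $3 ~ /^[0-9A-Za-z]+-[0-9A-Za-z]+-[0-9A-Za-z]+$/ && $4 ~ /^<.*>$/ {
            sender = substr($4, 2, length($4) - 2)
            if (sender == "") sender = "(bounce)"   # <> is a bounce message
            count[sender]++
        }
        # Recipient lines and blank separators match nothing and are skipped.
        END {
            for (s in count)
                if (count[s] >= limit) print count[s], s
        }
    ' | LC_ALL=C sort -k1,1nr -k2,2
}

# Constructed sample in `exim -bp` layout (addresses and ids are made up).
sample_queue() {
cat <<'EOF'
 3m  1.2K 1aBcDe-0001Ab-2C <webform@shop.example>
          rcpt1@mail.example

 3m  1.2K 1aBcDf-0001Ac-3D <webform@shop.example>
          rcpt2@mail.example

 2m  1.1K 1aBcDg-0001Ad-4E <webform@shop.example>
          rcpt3@mail.example

 2m  1.3K 1aBcDh-0001Ae-5F <webform@shop.example>
          rcpt4@mail.example

41h  3.4K 1aBbZz-0000Qq-1A <> *** frozen ***
          nobody@shop.example

10m  8.7K 1aBcCa-0000Zz-9B <alice@shop.example>
        D bob@partner.example
          carol@partner.example

EOF
}

# Demo on the sample; on a server use: /usr/sbin/exim -bp | top_senders 50
sample_queue | top_senders 3
```

Appending the output of `/usr/sbin/exim -bp | top_senders "$_limit"` to the alert mail puts the account to lock first at the top of the report; a large `(bounce)` count usually means rejected spam is already coming back.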