LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Server (http://www.linuxquestions.org/questions/linux-server-73/)
-   -   exim spamd on cpanel (http://www.linuxquestions.org/questions/linux-server-73/exim-spamd-on-cpanel-933154/)

itdungpt 03-07-2012 02:11 AM

exim spamd on cpanel
 
mailnull 6767 0.0 0.0 64284 1220 ? Ss 16:43 0:00 /usr/sbin/exim -bd -q120m
root 6768 0.0 0.0 64280 2856 ? S 16:43 0:00 /usr/sbin/exim -q
root 6771 0.0 0.1 65704 4196 ? S 16:43 0:00 /usr/sbin/exim -q
mailnull 6774 0.0 0.1 65852 3924 ? S 16:43 0:00 /usr/sbin/exim -q
root 7007 0.0 0.1 65740 5436 ? Ss 16:43 0:00 /usr/sbin/exim -Mc 1S4qvi-0001p0-M4
mailnull 7009 0.0 0.1 65884 3944 ? S 16:43 0:00 /usr/sbin/exim -Mc 1S4qvi-0001p0-M4
root 7122 0.0 0.1 65728 5412 ? S 16:44 0:00 /usr/sbin/exim -Mc 1S4qw6-0001qr-1Y
mailnull 7123 0.0 0.0 65740 2852 ? S 16:44 0:00 /usr/sbin/exim -Mc 1S4qw6-0001qr-1Y
root 7145 0.0 0.1 65728 5424 ? Ss 16:44 0:00 /usr/sbin/exim -Mc 1S4qwO-0001rE-VO
mailnull 7146 0.0 0.1 65880 3928 ? S 16:44 0:00 /usr/sbin/exim -Mc 1S4qwO-0001rE-VO
root 7149 0.0 0.1 65732 5436 ? Ss 16:44 0:00 /usr/sbin/exim -Mc 1S4qwP-0001rI-3x
mailnull 7150 0.0 0.1 65884 3936 ? S 16:44 0:00 /usr/sbin/exim -Mc 1S4qwP-0001rI-3x
root 7203 0.0 0.1 65740 5432 ? Ss 16:44 0:00 /usr/sbin/exim -Mc 1S4qwu-0001sA-3v
mailnull 7204 0.0 0.1 65884 3936 ? S 16:44 0:00 /usr/sbin/exim -Mc 1S4qwu-0001sA-3v
root 7207 0.0 0.1 65728 5424 ? Ss 16:44 0:00 /usr/sbin/exim -Mc 1S4qwu-0001sE-7D
mailnull 7208 0.0 0.1 65880 3924 ? S 16:44 0:00 /usr/sbin/exim -Mc 1S4qwu-0001sE-7D
root 7279 0.0 0.1 65736 5432 ? Ss 16:45 0:00 /usr/sbin/exim -Mc 1S4qxB-0001tO-JH
mailnull 7280 0.0 0.1 65880 3936 ? S 16:45 0:00 /usr/sbin/exim -Mc 1S4qxB-0001tO-JH
root 7309 0.0 0.1 65740 5432 ? Ss 16:45 0:00 /usr/sbin/exim -Mc 1S4qxI-0001ts-0B
mailnull 7310 0.0 0.1 65884 3936 ? S 16:45 0:00 /usr/sbin/exim -Mc 1S4qxI-0001ts-0B
root 7314 0.0 0.1 65732 5432 ? Ss 16:45 0:00 /usr/sbin/exim -Mc 1S4qxI-0001tx-A5
mailnull 7315 0.0 0.1 65884 3932 ? S 16:45 0:00 /usr/sbin/exim -Mc 1S4qxI-0001tx-A5
root 7382 0.0 0.1 65732 5432 ? Ss 16:45 0:00 /usr/sbin/exim -Mc 1S4qxm-0001v1-I7
mailnull 7383 0.0 0.1 65884 3932 ? S 16:45 0:00 /usr/sbin/exim -Mc 1S4qxm-0001v1-I7
root 7387 0.0 0.1 65736 5436 ? Ss 16:45 0:00 /usr/sbin/exim -Mc 1S4qxn-0001v7-Hv
mailnull 7388 0.0 0.1 65880 3940 ? S 16:45 0:00 /usr/sbin/exim -Mc 1S4qxn-0001v7-Hv
root 7398 0.0 0.1 65740 5428 ? Ss 16:45 0:00 /usr/sbin/exim -Mc 1S4qxx-0001vJ-9j
mailnull 7399 0.0 0.1 65884 3932 ? S 16:45 0:00 /usr/sbin/exim -Mc 1S4qxx-0001vJ-9j
root 7444 0.0 0.1 65732 5408 ? S 16:46 0:00 /usr/sbin/exim -Mc 1S4qyO-0001w3-Nb
mailnull 7445 0.0 0.1 65872 3916 ? S 16:46 0:00 /usr/sbin/exim -Mc 1S4qyO-0001w3-Nb
root 7448 0.0 0.1 65728 5428 ? Ss 16:46 0:00 /usr/sbin/exim -Mc 1S4qyO-0001w7-W1
mailnull 7449 0.0 0.1 65880 3928 ? S 16:46 0:00 /usr/sbin/exim -Mc 1S4qyO-0001w7-W1
root 7453 0.0 0.1 65728 5428 ? Ss 16:46 0:00 /usr/sbin/exim -Mc 1S4qyP-0001wC-9k
mailnull 7454 0.0 0.1 65880 3932 ? S 16:46 0:00 /usr/sbin/exim -Mc 1S4qyP-0001wC-9k
root 7517 0.0 0.1 65736 5408 ? S 16:47 0:00 /usr/sbin/exim -Mc 1S4qyz-0001xE-S9
mailnull 7518 0.0 0.0 65740 2752 ? S 16:47 0:00 /usr/sbin/exim -Mc 1S4qyz-0001xE-S9
root 7607 0.0 0.1 65740 5428 ? Ss 16:47 0:00 /usr/sbin/exim -Mc 1S4qzY-0001yg-SS
mailnull 7608 0.0 0.1 65884 3932 ? S 16:47 0:00 /usr/sbin/exim -Mc 1S4qzY-0001yg-SS
root 7678 0.0 0.1 65740 5432 ? Ss 16:48 0:00 /usr/sbin/exim -Mc 1S4r0Q-0001zp-Oy
mailnull 7679 0.0 0.1 65884 3936 ? S 16:48 0:00 /usr/sbin/exim -Mc 1S4r0Q-0001zp-Oy
root 7774 0.0 0.1 65736 5424 ? Ss 16:48 0:00 /usr/sbin/exim -Mc 1S4r0n-00021N-GK
mailnull 7775 0.0 0.1 65880 3932 ? S 16:48 0:00 /usr/sbin/exim -Mc 1S4r0n-00021N-GK
root 7778 0.0 0.1 65728 5420 ? Ss 16:48 0:00 /usr/sbin/exim -Mc 1S4r0n-00021R-NC
mailnull 7779 0.0 0.1 65880 3924 ? S 16:48 0:00 /usr/sbin/exim -Mc 1S4r0n-00021R-NC
root 7800 0.0 0.1 65736 5428 ? Ss 16:49 0:00 /usr/sbin/exim -Mc 1S4r18-00021n-HE
mailnull 7801 0.0 0.1 65880 3936 ? S 16:49 0:00 /usr/sbin/exim -Mc 1S4r18-00021n-HE
root 7819 0.0 0.1 65732 5416 ? S 16:49 0:00 /usr/sbin/exim -Mc 1S4r1F-000226-Gd
mailnull 7820 0.0 0.1 65872 3928 ? S 16:49 0:00 /usr/sbin/exim -Mc 1S4r1F-000226-Gd
root 7847 0.0 0.1 65732 5428 ? Ss 16:49 0:00 /usr/sbin/exim -Mc 1S4r1W-00022Y-QP
mailnull 7848 0.0 0.1 65876 3936 ? S 16:49 0:00 /usr/sbin/exim -Mc 1S4r1W-00022Y-QP
root 7851 0.0 0.1 65740 5428 ? Ss 16:49 0:00 /usr/sbin/exim -Mc 1S4r1W-00022c-W0
mailnull 7853 0.0 0.1 65884 3936 ? S 16:49 0:00 /usr/sbin/exim -Mc 1S4r1W-00022c-W0
root 7856 0.0 0.1 65740 5428 ? Ss 16:49 0:00 /usr/sbin/exim -Mc 1S4r1X-00022h-5o
mailnull 7857 0.0 0.1 65884 3940 ? S 16:49 0:00 /usr/sbin/exim -Mc 1S4r1X-00022h-5o
root 7860 0.0 0.1 65740 5428 ? Ss 16:49 0:00 /usr/sbin/exim -Mc 1S4r1X-00022l-Cm
mailnull 7861 0.0 0.1 65884 3936 ? S 16:49 0:00 /usr/sbin/exim -Mc 1S4r1X-00022l-Cm



please help disable spam on my exim server

itdungpt 03-07-2012 04:12 AM

please help me

itdungpt 03-07-2012 07:39 PM

# grep "<=.*P=local" /var/log/exim_mainlog | awk '{print $6}' | sort | uniq -c | sort -nr | head -5
8506 U=k48it
7537 U=raovat
1373 U=tiengvan
349 U=root
137 U=anhluane


# tail -n1000 /var/log/exim_mainlog |grep SMTP|cut -d[ -f2|cut -d] -f1|sort -n |uniq -c
13714 R=localuser
1 R=virtual_user

# awk '{ if ($0 ~ "cwd" && $0 ~ "home") {print $3} }' /var/log/exim_mainlog | sort | uniq -c | sort -nk 1
2 24-10-2011
6884 3


#tail -n1000 /var/log/exim_mainlog |grep SMTP|cut -d[ -f2|cut -d] -f1|sort -n |uniq -c
1 74.125.127.27
1 2012-03-08 07:15:28 exim 4.69 daemon started: pid=1886, -q2h, listening for SMTP on port 25 (IPv6 and IPv4) and for SMTPS on port 465 (IPv6 and IPv4)
1 2012-03-08 07:20:30 exim 4.69 daemon started: pid=2709, -q2h, listening for SMTP on port 25 (IPv6 and IPv4) and for SMTPS on port 465 (IPv6 and IPv4)
1 2012-03-08 07:25:48 exim 4.69 daemon started: pid=3491, -q2h, listening for SMTP on port 25 (IPv6 and IPv4) and for SMTPS on port 465 (IPv6 and IPv4)
1 2012-03-08 07:30:31 exim 4.69 daemon started: pid=4367, -q2h, listening for SMTP on port 25 (IPv6 and IPv4) and for SMTPS on port 465 (IPv6 and IPv4)
1 2012-03-08 07:35:32 exim 4.69 daemon started: pid=5283, -q2h, listening for SMTP on port 25 (IPv6 and IPv4) and for SMTPS on port 465 (IPv6 and IPv4)
1 2012-03-08 07:40:33 exim 4.69 daemon started: pid=6216, -q2h, listening for SMTP on port 25 (IPv6 and IPv4) and for SMTPS on port 465 (IPv6 and IPv4)
1 2012-03-08 07:45:34 exim 4.69 daemon started: pid=7066, -q2h, listening for SMTP on port 25 (IPv6 and IPv4) and for SMTPS on port 465 (IPv6 and IPv4)
1 2012-03-08 07:50:36 exim 4.69 daemon started: pid=7930, -q2h, listening for SMTP on port 25 (IPv6 and IPv4) and for SMTPS on port 465 (IPv6 and IPv4)
1 2012-03-08 07:55:36 exim 4.69 daemon started: pid=8797, -q2h, listening for SMTP on port 25 (IPv6 and IPv4) and for SMTPS on port 465 (IPv6 and IPv4)
1 2012-03-08 07:57:22 exim 4.69 daemon started: pid=9271, -q2h, listening for SMTP on port 25 (IPv6 and IPv4) and for SMTPS on port 465 (IPv6 and IPv4)
root@server [~]#

# egrep -o 'dovecot_login[^ ]+' /var/log/exim_mainlog | sort|uniq
31 dovecot_login:noreply+bdssg.co.cc
5721 dovecot_login:noreply@bdssg.co.cc


All times are GMT -5. The time now is 01:40 PM.