LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices


Reply
  Search this Thread
Old 03-07-2012, 02:11 AM   #1
itdungpt
LQ Newbie
 
Registered: Feb 2012
Posts: 20

Rep: Reputation: Disabled
exim spamd on cpanel


mailnull 6767 0.0 0.0 64284 1220 ? Ss 16:43 0:00 /usr/sbin/exim -bd -q120m
root 6768 0.0 0.0 64280 2856 ? S 16:43 0:00 /usr/sbin/exim -q
root 6771 0.0 0.1 65704 4196 ? S 16:43 0:00 /usr/sbin/exim -q
mailnull 6774 0.0 0.1 65852 3924 ? S 16:43 0:00 /usr/sbin/exim -q
root 7007 0.0 0.1 65740 5436 ? Ss 16:43 0:00 /usr/sbin/exim -Mc 1S4qvi-0001p0-M4
mailnull 7009 0.0 0.1 65884 3944 ? S 16:43 0:00 /usr/sbin/exim -Mc 1S4qvi-0001p0-M4
root 7122 0.0 0.1 65728 5412 ? S 16:44 0:00 /usr/sbin/exim -Mc 1S4qw6-0001qr-1Y
mailnull 7123 0.0 0.0 65740 2852 ? S 16:44 0:00 /usr/sbin/exim -Mc 1S4qw6-0001qr-1Y
root 7145 0.0 0.1 65728 5424 ? Ss 16:44 0:00 /usr/sbin/exim -Mc 1S4qwO-0001rE-VO
mailnull 7146 0.0 0.1 65880 3928 ? S 16:44 0:00 /usr/sbin/exim -Mc 1S4qwO-0001rE-VO
root 7149 0.0 0.1 65732 5436 ? Ss 16:44 0:00 /usr/sbin/exim -Mc 1S4qwP-0001rI-3x
mailnull 7150 0.0 0.1 65884 3936 ? S 16:44 0:00 /usr/sbin/exim -Mc 1S4qwP-0001rI-3x
root 7203 0.0 0.1 65740 5432 ? Ss 16:44 0:00 /usr/sbin/exim -Mc 1S4qwu-0001sA-3v
mailnull 7204 0.0 0.1 65884 3936 ? S 16:44 0:00 /usr/sbin/exim -Mc 1S4qwu-0001sA-3v
root 7207 0.0 0.1 65728 5424 ? Ss 16:44 0:00 /usr/sbin/exim -Mc 1S4qwu-0001sE-7D
mailnull 7208 0.0 0.1 65880 3924 ? S 16:44 0:00 /usr/sbin/exim -Mc 1S4qwu-0001sE-7D
root 7279 0.0 0.1 65736 5432 ? Ss 16:45 0:00 /usr/sbin/exim -Mc 1S4qxB-0001tO-JH
mailnull 7280 0.0 0.1 65880 3936 ? S 16:45 0:00 /usr/sbin/exim -Mc 1S4qxB-0001tO-JH
root 7309 0.0 0.1 65740 5432 ? Ss 16:45 0:00 /usr/sbin/exim -Mc 1S4qxI-0001ts-0B
mailnull 7310 0.0 0.1 65884 3936 ? S 16:45 0:00 /usr/sbin/exim -Mc 1S4qxI-0001ts-0B
root 7314 0.0 0.1 65732 5432 ? Ss 16:45 0:00 /usr/sbin/exim -Mc 1S4qxI-0001tx-A5
mailnull 7315 0.0 0.1 65884 3932 ? S 16:45 0:00 /usr/sbin/exim -Mc 1S4qxI-0001tx-A5
root 7382 0.0 0.1 65732 5432 ? Ss 16:45 0:00 /usr/sbin/exim -Mc 1S4qxm-0001v1-I7
mailnull 7383 0.0 0.1 65884 3932 ? S 16:45 0:00 /usr/sbin/exim -Mc 1S4qxm-0001v1-I7
root 7387 0.0 0.1 65736 5436 ? Ss 16:45 0:00 /usr/sbin/exim -Mc 1S4qxn-0001v7-Hv
mailnull 7388 0.0 0.1 65880 3940 ? S 16:45 0:00 /usr/sbin/exim -Mc 1S4qxn-0001v7-Hv
root 7398 0.0 0.1 65740 5428 ? Ss 16:45 0:00 /usr/sbin/exim -Mc 1S4qxx-0001vJ-9j
mailnull 7399 0.0 0.1 65884 3932 ? S 16:45 0:00 /usr/sbin/exim -Mc 1S4qxx-0001vJ-9j
root 7444 0.0 0.1 65732 5408 ? S 16:46 0:00 /usr/sbin/exim -Mc 1S4qyO-0001w3-Nb
mailnull 7445 0.0 0.1 65872 3916 ? S 16:46 0:00 /usr/sbin/exim -Mc 1S4qyO-0001w3-Nb
root 7448 0.0 0.1 65728 5428 ? Ss 16:46 0:00 /usr/sbin/exim -Mc 1S4qyO-0001w7-W1
mailnull 7449 0.0 0.1 65880 3928 ? S 16:46 0:00 /usr/sbin/exim -Mc 1S4qyO-0001w7-W1
root 7453 0.0 0.1 65728 5428 ? Ss 16:46 0:00 /usr/sbin/exim -Mc 1S4qyP-0001wC-9k
mailnull 7454 0.0 0.1 65880 3932 ? S 16:46 0:00 /usr/sbin/exim -Mc 1S4qyP-0001wC-9k
root 7517 0.0 0.1 65736 5408 ? S 16:47 0:00 /usr/sbin/exim -Mc 1S4qyz-0001xE-S9
mailnull 7518 0.0 0.0 65740 2752 ? S 16:47 0:00 /usr/sbin/exim -Mc 1S4qyz-0001xE-S9
root 7607 0.0 0.1 65740 5428 ? Ss 16:47 0:00 /usr/sbin/exim -Mc 1S4qzY-0001yg-SS
mailnull 7608 0.0 0.1 65884 3932 ? S 16:47 0:00 /usr/sbin/exim -Mc 1S4qzY-0001yg-SS
root 7678 0.0 0.1 65740 5432 ? Ss 16:48 0:00 /usr/sbin/exim -Mc 1S4r0Q-0001zp-Oy
mailnull 7679 0.0 0.1 65884 3936 ? S 16:48 0:00 /usr/sbin/exim -Mc 1S4r0Q-0001zp-Oy
root 7774 0.0 0.1 65736 5424 ? Ss 16:48 0:00 /usr/sbin/exim -Mc 1S4r0n-00021N-GK
mailnull 7775 0.0 0.1 65880 3932 ? S 16:48 0:00 /usr/sbin/exim -Mc 1S4r0n-00021N-GK
root 7778 0.0 0.1 65728 5420 ? Ss 16:48 0:00 /usr/sbin/exim -Mc 1S4r0n-00021R-NC
mailnull 7779 0.0 0.1 65880 3924 ? S 16:48 0:00 /usr/sbin/exim -Mc 1S4r0n-00021R-NC
root 7800 0.0 0.1 65736 5428 ? Ss 16:49 0:00 /usr/sbin/exim -Mc 1S4r18-00021n-HE
mailnull 7801 0.0 0.1 65880 3936 ? S 16:49 0:00 /usr/sbin/exim -Mc 1S4r18-00021n-HE
root 7819 0.0 0.1 65732 5416 ? S 16:49 0:00 /usr/sbin/exim -Mc 1S4r1F-000226-Gd
mailnull 7820 0.0 0.1 65872 3928 ? S 16:49 0:00 /usr/sbin/exim -Mc 1S4r1F-000226-Gd
root 7847 0.0 0.1 65732 5428 ? Ss 16:49 0:00 /usr/sbin/exim -Mc 1S4r1W-00022Y-QP
mailnull 7848 0.0 0.1 65876 3936 ? S 16:49 0:00 /usr/sbin/exim -Mc 1S4r1W-00022Y-QP
root 7851 0.0 0.1 65740 5428 ? Ss 16:49 0:00 /usr/sbin/exim -Mc 1S4r1W-00022c-W0
mailnull 7853 0.0 0.1 65884 3936 ? S 16:49 0:00 /usr/sbin/exim -Mc 1S4r1W-00022c-W0
root 7856 0.0 0.1 65740 5428 ? Ss 16:49 0:00 /usr/sbin/exim -Mc 1S4r1X-00022h-5o
mailnull 7857 0.0 0.1 65884 3940 ? S 16:49 0:00 /usr/sbin/exim -Mc 1S4r1X-00022h-5o
root 7860 0.0 0.1 65740 5428 ? Ss 16:49 0:00 /usr/sbin/exim -Mc 1S4r1X-00022l-Cm
mailnull 7861 0.0 0.1 65884 3936 ? S 16:49 0:00 /usr/sbin/exim -Mc 1S4r1X-00022l-Cm



please help disable spam on my exim server
 
Old 03-07-2012, 04:12 AM   #2
itdungpt
LQ Newbie
 
Registered: Feb 2012
Posts: 20

Original Poster
Rep: Reputation: Disabled
please help me
 
Old 03-07-2012, 07:39 PM   #3
itdungpt
LQ Newbie
 
Registered: Feb 2012
Posts: 20

Original Poster
Rep: Reputation: Disabled
# grep "<=.*P=local" /var/log/exim_mainlog | awk '{print $6}' | sort | uniq -c | sort -nr | head -5
8506 U=k48it
7537 U=raovat
1373 U=tiengvan
349 U=root
137 U=anhluane


# tail -n1000 /var/log/exim_mainlog |grep SMTP|cut -d[ -f2|cut -d] -f1|sort -n |uniq -c
13714 R=localuser
1 R=virtual_user

# awk '{ if ($0 ~ "cwd" && $0 ~ "home") {print $3} }' /var/log/exim_mainlog | sort | uniq -c | sort -nk 1
2 24-10-2011
6884 3


#tail -n1000 /var/log/exim_mainlog |grep SMTP|cut -d[ -f2|cut -d] -f1|sort -n |uniq -c
1 74.125.127.27
1 2012-03-08 07:15:28 exim 4.69 daemon started: pid=1886, -q2h, listening for SMTP on port 25 (IPv6 and IPv4) and for SMTPS on port 465 (IPv6 and IPv4)
1 2012-03-08 07:20:30 exim 4.69 daemon started: pid=2709, -q2h, listening for SMTP on port 25 (IPv6 and IPv4) and for SMTPS on port 465 (IPv6 and IPv4)
1 2012-03-08 07:25:48 exim 4.69 daemon started: pid=3491, -q2h, listening for SMTP on port 25 (IPv6 and IPv4) and for SMTPS on port 465 (IPv6 and IPv4)
1 2012-03-08 07:30:31 exim 4.69 daemon started: pid=4367, -q2h, listening for SMTP on port 25 (IPv6 and IPv4) and for SMTPS on port 465 (IPv6 and IPv4)
1 2012-03-08 07:35:32 exim 4.69 daemon started: pid=5283, -q2h, listening for SMTP on port 25 (IPv6 and IPv4) and for SMTPS on port 465 (IPv6 and IPv4)
1 2012-03-08 07:40:33 exim 4.69 daemon started: pid=6216, -q2h, listening for SMTP on port 25 (IPv6 and IPv4) and for SMTPS on port 465 (IPv6 and IPv4)
1 2012-03-08 07:45:34 exim 4.69 daemon started: pid=7066, -q2h, listening for SMTP on port 25 (IPv6 and IPv4) and for SMTPS on port 465 (IPv6 and IPv4)
1 2012-03-08 07:50:36 exim 4.69 daemon started: pid=7930, -q2h, listening for SMTP on port 25 (IPv6 and IPv4) and for SMTPS on port 465 (IPv6 and IPv4)
1 2012-03-08 07:55:36 exim 4.69 daemon started: pid=8797, -q2h, listening for SMTP on port 25 (IPv6 and IPv4) and for SMTPS on port 465 (IPv6 and IPv4)
1 2012-03-08 07:57:22 exim 4.69 daemon started: pid=9271, -q2h, listening for SMTP on port 25 (IPv6 and IPv4) and for SMTPS on port 465 (IPv6 and IPv4)
root@server [~]#

# egrep -o 'dovecot_login[^ ]+' /var/log/exim_mainlog | sort|uniq
31 dovecot_login:noreply+bdssg.co.cc
5721 dovecot_login:noreply@bdssg.co.cc
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Exim: Is there away to block command when someone telnets to exim's port? abefroman Linux - Software 1 09-26-2010 08:47 AM
Cpanel/WHM Died at /usr/local/cpanel/Cpanel/Hulk.pm line 92. liang3391 Linux - Software 1 06-22-2009 02:02 PM
problem with spamd and Exim 4 bruban Linux - Server 1 11-05-2007 06:13 PM
Etch + exim4 + sa-exim: sa-exim is not loading Thalagyrt Debian 0 04-18-2007 10:12 AM
exim is failed !!! error:package exim is not installed apache Linux - Software 0 06-24-2004 05:55 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Server

All times are GMT -5. The time now is 09:18 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration