To Display all Messages in the Email Queue
Log in to your server using SSH.
Type su -.
Enter the password you used to log in to your server.
At the command prompt, type:
/var/qmail/bin/qmail-qstat
To list multiple messages in the queue, type:
/var/qmail/bin/qmail-qread
lsof command example
Type the following command to see IPv4 port(s), enter:
# lsof -Pnl +M -i4
Type the following command to see IPv6 listing port(s), enter:
# lsof -Pnl +M -i6
Tuesday, March 6, 2012
Thursday, February 23, 2012
allow certain php functions for a specific domain
When dealing with the security of your server you will eventually get to the part were you will want to disable some php functions. The only problem on shared hosting is that you cannot disable exec for a domain and enable that function for an other that needs it because of some lame script. Eventually you will get to the part were you will need to enable exec on the entire server because of one site.
There is a solution to this and it’s called suhosin.
Suhosin has a configuration variable called ”suhosin.executor.func.blacklist” which can be used to disable some php functions. The difference between this variable and disable_functions in php.ini is that it can be set for all the sites and then it can be modified for a domain only (it can be overwritten) so you will be able to disable exec on the entire server and enable that function for a single domain.
I will not write here how to install suhosin.
Also, you only need the extension for this so you do not need to patch php and recompile.
IMPORTANT: I have noticed that the suhosin extension 0.9.20 will not work anymore as there are some problems with it. It’s ok as long as we have 0.9.18. Probably the next version of the extension will be fixed to work ok again so remember to use version 0.9.18 for this until the problem is fixed.
Ok, so to use suhosin as the php function blocker we need to comment out disable_functions in php ini (yes, enable all the functions) and then set in php.ini
suhosin.executor.func.blacklist to something like this:
suhosin.executor.func.blacklist = exec, passthru, shell_exec, system, pcntl_exec, proc_open, proc_nice, proc_terminate, proc_get_status, proc_close, leak, apache_child_terminate, posix_kill, posix_mkfifo, posix_setpgid, posix_setsid, posix_setuid, escapeshellcmd, escapeshellarg
You can add as many functions as you like.
After that, all the functions added in suhosin.executor.func.blacklist will not work anymore in php scripts. If you need to enable a function for a domain, let’s say
exec, you will have to edit apache configuration file and add suhosin.executor.func.blacklist without the exec function:
ServerAlias www.test.com
ServerAdmin webmaster@test.com
DocumentRoot /home/test/public_html
php_admin_value suhosin.executor.func.blacklist "passthru, show_source, shell_exec, system, pcntl_exec, popen, pclose, proc_open, proc_nice, proc_terminate, proc_get_status, proc_close, leak, apache_child_terminate, posix_kill, posix_mkfifo, posix_setpgid, posix_setsid, posix_setuid, escapeshellcmd, escapeshellarg"
Now exec is disable on the server but it’s enabled on the test domain.
Hope this helps.
There is a solution to this and it’s called suhosin.
Suhosin has a configuration variable called ”suhosin.executor.func.blacklist” which can be used to disable some php functions. The difference between this variable and disable_functions in php.ini is that it can be set for all the sites and then it can be modified for a domain only (it can be overwritten) so you will be able to disable exec on the entire server and enable that function for a single domain.
I will not write here how to install suhosin.
Also, you only need the extension for this so you do not need to patch php and recompile.
IMPORTANT: I have noticed that the suhosin extension 0.9.20 will not work anymore as there are some problems with it. It’s ok as long as we have 0.9.18. Probably the next version of the extension will be fixed to work ok again so remember to use version 0.9.18 for this until the problem is fixed.
Ok, so to use suhosin as the php function blocker we need to comment out disable_functions in php ini (yes, enable all the functions) and then set in php.ini
suhosin.executor.func.blacklist to something like this:
suhosin.executor.func.blacklist = exec, passthru, shell_exec, system, pcntl_exec, proc_open, proc_nice, proc_terminate, proc_get_status, proc_close, leak, apache_child_terminate, posix_kill, posix_mkfifo, posix_setpgid, posix_setsid, posix_setuid, escapeshellcmd, escapeshellarg
You can add as many functions as you like.
After that, all the functions added in suhosin.executor.func.blacklist will not work anymore in php scripts. If you need to enable a function for a domain, let’s say
exec, you will have to edit apache configuration file and add suhosin.executor.func.blacklist without the exec function:
ServerAlias www.test.com
ServerAdmin webmaster@test.com
DocumentRoot /home/test/public_html
php_admin_value suhosin.executor.func.blacklist "passthru, show_source, shell_exec, system, pcntl_exec, popen, pclose, proc_open, proc_nice, proc_terminate, proc_get_status, proc_close, leak, apache_child_terminate, posix_kill, posix_mkfifo, posix_setpgid, posix_setsid, posix_setuid, escapeshellcmd, escapeshellarg"
Now exec is disable on the server but it’s enabled on the test domain.
Hope this helps.
Thursday, February 9, 2012
exim commands
Exim Commands
exim -bpc - Print a count of the messages in the queue
exim -bp - Print a listing of the messages in the queue (time queued, size, message-id,
sender, recipient):
exim -M emailID - force delivery of one message
exim -Mvl messageID - View Log for message
exim -Mvb messageID - View Body for message
exim -Mvh messageID - View Header for message
exim -Mrm messageID - ReMove message (no errors sent)
exiqgrep -zi | xargs exim -Mrm - Remove all frozen mails in q
REMOVE MAILS BY ID
exim -v -Mrm (MAIL ID HERE)
LIST QUEDED MAILS
exim -bp
OUTPUT NUMBER OF QUEDED MAILS
exim -bpc
DELETE FROZEN MAILS
exim -bp | awk '$6~"frozen" { print $3 }' | xargs exim -Mrm
DELIVER FORCEFULLY EMAILS
exim -qff -v -C /etc/exim.conf &
FREEZE MAILS FROM SENDER
exiqgrep -i -f (MAIL ADDRESS HERE) | xargs exim -Mf
REMOVE MAILS FROM SENDER
exiqgrep -i -f (MAIL ADDRESS HERE) | xargs exim -Mrm
Remove root mails
exim -bp |grep "hostname" |awk '{print $3}' |xargs exim -Mrm
Forcefully sending mails from a domain
exim -v -Rff domainname.com
Remove all frozen messages:
root@localhost# exiqgrep -z -i | xargs exim -Mrm
Remove all messages older than five days (86400 * 5 = 432000 seconds):
root@localhost# exiqgrep -o 432000 -i | xargs exim -Mrm
Start a queue run:
root@localhost# exim -q -v
Start a queue run for just local deliveries:
root@localhost# exim -ql -v
Remove a message from the queue:
root@localhost# exim -Mrm [ ... ]
Freeze a message:
root@localhost# exim -Mf [ ... ]
Thaw a message:
root@localhost# exim -Mt [ ... ]
Deliver a message, whether it's frozen or not, whether the retry time has been reached or not:
root@localhost# exim -M [ ... ]
Deliver a message, but only if the retry time has been reached:
root@localhost# exim -Mc [ ... ]
Force a message to fail and bounce as "cancelled by administrator":
root@localhost# exim -Mg [ ... ]
Remove all frozen messages:
root@localhost# exiqgrep -z -i | xargs exim -Mrm
Remove all messages older than five days (86400 * 5 = 432000 seconds):
root@localhost# exiqgrep -o 432000 -i | xargs exim -Mrm
Freeze all queued mail from a given sender:
root@localhost# exiqgrep -i -f luser@example.tld | xargs exim -Mf
View a message's headers:
root@localhost# exim -Mvh
View a message's body:
root@localhost# exim -Mvb
View a message's logs:
root@localhost# exim -Mvl
Add a recipient to a message:
root@localhost# exim -Mar [ ... ]
Edit the sender of a message:
root@localhost# exim -Mes
Retrieved from "http://mycutelife.net/wiki/index.php?title=Exim_Commands"
Views
exim -bpc - Print a count of the messages in the queue
exim -bp - Print a listing of the messages in the queue (time queued, size, message-id,
sender, recipient):
exim -M emailID - force delivery of one message
exim -Mvl messageID - View Log for message
exim -Mvb messageID - View Body for message
exim -Mvh messageID - View Header for message
exim -Mrm messageID - ReMove message (no errors sent)
exiqgrep -zi | xargs exim -Mrm - Remove all frozen mails in q
REMOVE MAILS BY ID
exim -v -Mrm (MAIL ID HERE)
LIST QUEDED MAILS
exim -bp
OUTPUT NUMBER OF QUEDED MAILS
exim -bpc
DELETE FROZEN MAILS
exim -bp | awk '$6~"frozen" { print $3 }' | xargs exim -Mrm
DELIVER FORCEFULLY EMAILS
exim -qff -v -C /etc/exim.conf &
FREEZE MAILS FROM SENDER
exiqgrep -i -f (MAIL ADDRESS HERE) | xargs exim -Mf
REMOVE MAILS FROM SENDER
exiqgrep -i -f (MAIL ADDRESS HERE) | xargs exim -Mrm
Remove root mails
exim -bp |grep "hostname" |awk '{print $3}' |xargs exim -Mrm
Forcefully sending mails from a domain
exim -v -Rff domainname.com
Remove all frozen messages:
root@localhost# exiqgrep -z -i | xargs exim -Mrm
Remove all messages older than five days (86400 * 5 = 432000 seconds):
root@localhost# exiqgrep -o 432000 -i | xargs exim -Mrm
Start a queue run:
root@localhost# exim -q -v
Start a queue run for just local deliveries:
root@localhost# exim -ql -v
Remove a message from the queue:
root@localhost# exim -Mrm
Freeze a message:
root@localhost# exim -Mf
Thaw a message:
root@localhost# exim -Mt
Deliver a message, whether it's frozen or not, whether the retry time has been reached or not:
root@localhost# exim -M
Deliver a message, but only if the retry time has been reached:
root@localhost# exim -Mc
Force a message to fail and bounce as "cancelled by administrator":
root@localhost# exim -Mg
Remove all frozen messages:
root@localhost# exiqgrep -z -i | xargs exim -Mrm
Remove all messages older than five days (86400 * 5 = 432000 seconds):
root@localhost# exiqgrep -o 432000 -i | xargs exim -Mrm
Freeze all queued mail from a given sender:
root@localhost# exiqgrep -i -f luser@example.tld | xargs exim -Mf
View a message's headers:
root@localhost# exim -Mvh
View a message's body:
root@localhost# exim -Mvb
View a message's logs:
root@localhost# exim -Mvl
Add a recipient to a message:
root@localhost# exim -Mar
Edit the sender of a message:
root@localhost# exim -Mes
Retrieved from "http://mycutelife.net/wiki/index.php?title=Exim_Commands"
Views
Subscribe to:
Posts (Atom)
Blog Archive
Followers