Exim command to remove emails from mail queue for a specific Sender/Receiver – The “exiqgrep” usage

We have already discussed the basic command usages of Exim mail server in one of the previous post.

In this post I am explaining the command usages for finding or sorting emails in Exim mail queue for particular sender or receiver.

We can sort it out in different ways, by using exim basic command and also by using the command “exiqgrep”. To sort mail queue for a sender or receiver, you must have the idea about the field in Exim command output. Then you can simply sort it out with the help of “awk” and other Linux basic commands.

The default Exim command output field with details are explained below:

The “exim -bp” command output:

 4d  2.3K 1X0Baa-0006iR-Ml <>
          [email protected]

70h   999 1X0RmS-0002Ue-Fe <[email protected]>
          [email protected]

In the above list, there are two mails in the mail queue. The queue field details are explained below:

1st field : Message’s age. (Eg: 4d : Four day)

2nd field : Size. (2.3k)

3rd field : Message ID (1X0Baa-0006iR-Ml)

4th field : sender. ([email protected])

5th field/second line : recipient address. ([email protected])

It’s really simple to find/sort email details for a particular user (Sender or Receiver) from the Exim mail queue. We have already discussed about the Exim mail server in different way. Here I am explaining different option to sort emails for a User.

How to check spamming on server which has Exim MTA?

Electronic spamming is the use of electronic messaging systems to send unsolicited messages (spam), especially advertising, as well as sending messages repeatedly on the same site.

It happens in many ways on a mail server. Spamming is one of the common and frequent problem in web hosting industry. Spamming can cause your server’s IPs blocked at different RBLs, if any accounts in your server sends multiple spam emails.

Method I :

Basic method with “exim” command.
We can sort the emails by using the exim command, see the examples below:

I : List all emails from a particular sender:

# exim -bp|grep "username"

Where “username” is the sender name.

Example:

root@server [~]# exim -bp|grep olne5
43h  3.6K 1WFLFH-0006uA-Gk <[email protected]>
43h  3.6K 1WFLOL-0000LX-97 <[email protected]>
43h  1.9K 1WFLQG-0000hv-5M <[email protected]>
43h  3.6K 1WFM7W-0001T5-7B <[email protected]>
42h  6.0K 1WFMEn-0002yJ-A8 <[email protected]>
42h  3.7K 1WFMGq-0003Sf-4T <[email protected]>
42h  3.5K 1WFMyn-0002yN-Tt <[email protected]>
------
------

Use “wc -l” to count total emails
Example:

root@server [~]# exim -bp|grep olne5|wc -l
191

How to remove ? Yes, that’s actually our discussion. You can remove all emails from that user using “awk” and “xargs “ options.
Syntax:

# exim -bp|grep "username"| awk {'print $3'}| xargs exim -Mrm

Example:

root@server [~]# exim -bp|grep olne5| awk {'print $3'}| xargs exim -Mrm

Sorry, I can’t illustrate the example here, because those emails are important for that user 🙂 .

II : List all emails to a particular address:

# exim -bp|grep "username"

Where “username” is the recipient address.
Note that, the recipient details is listed in the second line of “exim -bp” command’s output.

Example:

root@server [~]# exim -bp|grep ommdsdsd
44h  3.6K 1WFLFH-0006uA-Gk <[email protected]>
          [email protected]
44h  3.6K 1WFLOL-0000LX-97 <[email protected]>
          [email protected]
44h  1.9K 1WFLQG-0000hv-5M <[email protected]>
          [email protected]
43h  3.6K 1WFM7W-0001T5-7B <[email protected]>
          [email protected]
------
------

You can use the “awk” & “xargs” commands to remove it from the queue.

Method II :

By using the command “exiqgrep”
The command “exiqgrep” has some useful switches to manage emails which are in the Exim mail queue. Before deleting mails with exiqgrep you must have a little knowledge in “exiqgrep”.

The smart switches of “EXIQGREP” command:

1, -f : to search the exim mail queue for emails from a particular user.
Syntax:

# exiqgrep -f user@domain

2, -r : to search the exim mail queue for emails to a particular address.
Syntax:

# exiqgrep -r user@domain

3, -i : Prints the message ID
You can use it in different manner, some examples are;

Print the message-id of the entire queue:

# exiqgrep -i

You can use it with -f and -r switches to get message ID of a particular sender or receiver.

# exiqgrep -i [-r | -f] ...

4, -o : Prints messages older than a particular time.
Example:

# exiqgrep -o 86400

Where time is specified in Seconds.

5, -y : Prints messages younger than a particular time.

6, -s : Prints messages with a particular size in bytes.
Example:

# exiqgrep -s "^3..$"

“^3$” –> 3bytes
“^3.$” –> 3-30bytes
“^3..$” –> 3-300bytes
“^3…$” –> 3-3000bytes
And so on..

7, -z : list all frozen mails.

8, -x : List all unfrozen mails.

9, -c : Counts the matches with all of the above searches.
Example:

root@server [~]# exiqgrep -c -s "^3...$"
114 matches out of 584 messages

Alright, Hope you got an idea about the usages of “exiqgrep”, Now it is very simple to manage emails for a particular user with the help of “exiqgrep”.

How to remove all emails from a particular user using exiqgrep?

Do follow this command:

# exiqgrep -i -f $user | xargs exim -Mrm

How to remove all emails to a particular user using exiqgrep?

Do follow this command:

# exiqgrep -i -r $user | xargs exim -Mrm

That’s it 🙂 🙂
Please let me know your suggestions.

Exim related posts:
Find out the spam mailing script’s location
Quick way to remove all frozen emails
Exim Log line flags
Exim command to find the mail that we have sent is completed or not
Check spamming on server having EXIM

Post navigation

Arunlal A

Senior System Developer at Zeta. Linux lover. Traveller. Let's connect! Whether you're a seasoned DevOps pro or just starting your journey, I'm always eager to engage with like-minded individuals. Follow my blog for regular updates, connect on social media, and let's embark on this DevOps adventure together! Happy coding and deploying!

2 thoughts on “Exim command to remove emails from mail queue for a specific Sender/Receiver – The “exiqgrep” usage

  1. hello,
    i am already using the delete all from mail que commmand which is of course deleting all messages in the que.

    problem is i have a hacker that is sending using email address that dont exist on one of my domains, i have tried everything to stop the hacker who keeps getting back in somehow and continues to mail and it causes my colo to block all email from my server (big problem)

    heres what i think will work:

    i need a command to delete all emails from [email protected] except for [email protected] so all non-existant email addresses the spammer / hacker is using will automatically be deleted leaving only [email protected] to go through.

    that will stop the spam from going out and my colo from blocking my server and i will still have a normal functioning mail from other domains and from my apps on “mydomain.com”

    i think that will stop this persistent hacker

    thanks for your help

    Alex

Leave a Reply

Your email address will not be published. Required fields are marked *