In this short article, I will be sharing some useful commands I have come to use over the years with cPanel/WHM servers. These commands are especially useful if you are planning to monitor email queues and ensure that no one is compromised and/or isn’t spamming.
Viewing the number of emails
To view the number of emails in the queue, run this command:
To view all the emails (this is useful for the next few sections), run these commands:
exim -bp exim -bp | exiqsumm
Checking emails (e.g. login failures, for spamming content, etc.)
The best way to find out if an account is secure and to also identify if the password has been changed is to refer to these commands:
grep [email protected] /var/log/maillog | grep fail
This will filter through the “/var/log/maillog” to see if there are any failures. This is also useful for checking to see if the customer is using the correct credentials.
Removing emails from the queues
If you have identified the source of the spamming account/domain, you can then use the following commands to clear out the emails.
exiqgrep -i -f EMAIL_ACCOUNT | xargs exim -Mrm exiqgrep -i -r EMAIL_ACCOUNT | xargs exim -Mrm
-f flag indicates the “from” address and the
-r flag indicates the “recipient” address.
Pushing/releasing frozen/queued up emails
First clear out the spam (i.e. identify the spam, if any, and suspend/inform + remove emails from the queue).
Once done, the best way to get this going is to SSH into the server and create a screen so you can run the EXIM email release command in the background. Here is what it will look like:
ssh my.server.tld -4 screen -S exim exim -qf -v
Then you can exit the screen (CTRL+A,D) and let it do its magic.
These commands have helped me in my cPanel/WHM system administration tasks and I hope it helps you too. 🙂