[Exim] Gettinmg Rid of Input Files

Top Page
Delete this message
Reply to this message
Author: Martin Cameron
Date:  
To: exim-users
Subject: [Exim] Gettinmg Rid of Input Files
I noticed that our hard drive on our mail server was getting pretty full
recently. I then discoverd that the culprit was the input directory for
frozen messages.

It contained about 4 gigs of mail.

I immediately changed the configuration settings in our configure file
to reduce the time that the frozen messages and undeliverables stayed in
the spool. The default is 7 days. I changed that to 3 days as follows:
    timeout_frozen_after = 3d


However, the exercise got me to thinking - the cause of the flood in the
input directory was spam from a few, easily identified sources. I wanted
to go through the input directory regularly and get rid of any crap from
these pests.

Here's my solution. I know that Exim will have something much more
elegant, but this really does seem to fit the bill: (As an aside, before
proceeding further, you can get a dump of the headers of the files in
the input directory - default is /var/spool/exim/input - using the
command exim -bp).

The first thing I did was compiled a file that I called "banned"
containing key word that would identify the spammer's mail. This was
simply a text file containing the word to search for on separate lines.
My banned file looks like this:

returns.groups.yahoo.com
niwa
NIWA
teenslits
xelote
porn-o-mail
duress
pagesz.net
vicson.com.ve
betty765

I then wrote a pretty simple script that parses the input directory
files and removes any that it finds with the words in the banned list.
Here is the perl file. (If you want to, run it as a cron job):

#! /usr/bin/perl -w
open(INFILE,"banned");
@banned=<INFILE>;
close(INFILE);

open(OUTFILE, ">>file");
foreach $address(@banned)
{
chop $address;
print "$address\n";
system("egrep '$address' 1* >> file");
}
close OUTFILE;


$file='file';
open(INFO, $file);
@db=<INFO>;
close(INFO);

foreach $row(@db)
{
chop $row;
@data=split/:/,$row;
print "$data[0]\n";
system("rm $data[0] -f");
}

system("rm file -f");

I hope this helps someone who finds themselves in the same position as
me - your HDD getting chewed up by spam at a great rate of knots.

Regards
Martin Cameron