Re: [exim] Find Ip address and content of frozen messages

Top Page
Delete this message
Reply to this message
Author: Gergely Nagy
Date:  
To: Exim Mailing List
Subject: Re: [exim] Find Ip address and content of frozen messages
>>> I am trying to know the ip address of a list of frozen messages. Also, I
>>> want to know the content of the each message.
>>>
>> OK...
>>
>>
>>> With exim -bpc I can count the total messages in the spool and with exim
>>> -bp I can see a resume of the data I need.
>>>
>>> What command I can use ?
>>>
>> exipick is the tool of choice here, coupled with the exim binary itself
>> and a bit of creative plumbing in your shell of choice.
>>
>> "exipick -z" extracts a list of frozen messages.
>> "exipick -z -i" extracts the queue ID of frozen messages.
>>
>> For a long list of frozen messages where you want to see the body, use:
>>
>> for x in `exipick -z -i`; do echo $x; exim -Mvb $x; done
>>
>> You may want to put a pager in there somewhere - either pipe "exim -Mvb
>> $x" through a pager, or pipe the whole output through after the "done".
>>
>> When you say you want to "know the IP address", what do you mean? The
>> one the message arrived from?
>>
> Yes, I want to know if they are spam only or there is some PC infected
> and it is sending messages.


exipick -z -i --show-vars sender_host_address,message_body

And then you can parse that output by a program, or look through it
manually.

--
Gergely Nagy <gergely.nagy@???>