Postfix Spam EMail Queue Fix

The following commands will allow you to review these queues:

1- Display the mail queues, deferred and pending

mailq

or

postqueue -p

To save the output to a text file you can run:

mailq > mailqueue.txt

or

postqueue -p > mailqueue.txt

Either of these commands will show you all queued messages.

NB: this command shows the sender and recipients and ID, not the message itself. The ID is particularly useful if you want to inspect the message itself.

2- View message (contents, header and body) in Postfix queue

To view a message with the ID XXXXXXX

(you can see the ID from the queue)

postcat -vq XXXXXXXXXX

Or to save it in a file

postcat -vq XXXXXXXXXX > emailXXXXXXXXXX.txt

A useful feature for web servers is to enable mail.add_x_header = on in the Postfix configuration. This will add a header to all outgoing email messages showing the script and user that generated each message.  Once enabled this will then add the following extra header to message:

X-PHP-Originating-Script: 1001:spamEmailer.php

In this example 1001 is the UID and the spamEmailer.php was the script sending the message. This can allow you to quickly track down the source of spam messages being sent by your server.

With these commands you should be able to review your mail queue and make sure that intended messages are being sent and have not been rejected.

How to delete queued mail from the mail queue

Now that we have learned the necessary steps to reviewing your mail queue, the final 3 tips will demonstrate how to delete queued mail.

3- Tell Postfix to process the Queue now

postqueue -f

OR

postfix flush

This will cause Postfix to immediately attempt to send all queued messages.

4- Delete queued mail

Delete all queued mail

postsuper -d ALL

Delete only the differed mail queue messages (i.e. only the ones the system intends to retry later)

postsuper -d ALL deferred

5- Delete mail from the queue selectively

This is not something that is natively included with the standard Postfix tools however can be done with a bit of Perl scripting.

NB: This perl script seems to be free, and is all over the internet however I could not find out where it originates or who wrote it but my thanks go to them!

#########################################

#!/usr/bin/perl

$REGEXP = shift || die "no email-adress given (regexp-style, e.g. bl.*\@yahoo.com)!";

@data = qx</usr/sbin/postqueue -p>;

for (@data) {

  if (/^(\w+)(\*|\!)?\s/) {

     $queue_id = $1;

  }

  if($queue_id) {

    if (/$REGEXP/i) {

      $Q{$queue_id} = 1;

      $queue_id = "";

    }

  }

}

#open(POSTSUPER,"|cat") || die "couldn't open postsuper" ;

open(POSTSUPER,"|postsuper -d -") || die "couldn't open postsuper" ;

foreach (keys %Q) {

  print POSTSUPER "$_\n";

};

close(POSTSUPER);

#########################################

Usage Examples:

Delete all queued messages to or from the domain called spamers.com, enter:

./postfix-delete.pl spamers.com

Delete all queued messages that contain the word "spam" in the e-mail address:

./postfix-delete.pl spam