exigrep- finding message information in the logs
exiqgrep- finding message information in the queue
exiwhat- what is exim doing?
exim- used to give Exim a directive
-bpc- Counting messages in the queue
-Mvb- Headers/Body of messages in the queue
-bt- Testing mail transactions
-d- Debugging mail transactions
-Mrm- Removal of messages in the queue
There are countless times when information on how to use/manage exim as well as the exim mail queue is helpful and hopefully shedding some light on the subject helps someone out there struggling! We'll go over specific commands first then use some flags with the exim command second.
We'll go over a lot of commonly used commands and we'll start with exigrep since it's (my) most used and I think most useful exim specific command. Similar to grep but for exim.
This is defined in its man page as follows:
The exigrep utility is a Perl script that searches one or more main log files for entries that match a given pattern. When it finds a match, it extracts all the log entries for the relevant message, not just those that match the pattern. Thus, exigrep can extract complete log entries for a given message, or all mail for a given user, or for a given host, for example.
Find a specific message by message ID (MID)
exigrep <messageID> /var/log/exim_mainlog
(If you're not sure how to get the Message ID I'll show you how to do that later on)
You can also use exigrep to search for a user or domain:
exigrep email@example.com /var/log/exim_mainlog
You get a little more advanced with this and look for just outgoing mail for one specific user:
exigrep "<= .*firstname.lastname@example.org" /var/log/exim_mainlog
Keep in mind exigrep gives you the log data for the message ID and related log entries, not just the exact matches as you'd get with using grep.
Similar to exigrep exiqgrep is another search function defined here as follows:
The exiqgrep utility is a Perl script which offers possibilities to grep in the exim queue output. Unlike exiqsumm, it invokes exim -bpu itself and does not need to be invoked in a pipe.
If I want to search the entire exim queue (not log but the queue meaning messages waiting in queue) for messages that originated from the email@example.com user I'd use the
exiqgrep -f firstname.lastname@example.org
If I wanted to search for messages that have the recipient of email@example.com I would use the
exiqgrep -r firstname.lastname@example.org
This could be useful if you're for whatever reason unable to use the Mail Queue Manager and looking for a potential spammer, you might want to know how many messages you have in queue right now that email@example.com has sent. To do that you'd run something like this:
exiqgrep -f firstname.lastname@example.org| wc -l
You might find after running that, email@example.com has 1000000000 messages in the queue. Yea maybe that's too many, but lets say you're wanting to remove those. You could then run something like:
exiqgrep -i -f firstname.lastname@example.org |xargs exim -Mrm
-i flag is to just list message ID's the
-f flag is to only look at messages email@example.com sent. This command builds the list then pipes it to
exim -Mrmwhich deletes the messages
What the heck is exim even doing right now? (not the formal definition but it does the trick)
root@server [~]# exiwhat
535 daemon(4.91): -q1h, listening for SMTP on port 25 (IPv6 and IPv4) port 587 (IPv6 and IPv4) and for SMTPS on port 465 (IPv6 and IPv4)
exim -bp - print all messages in queue. This is helpful when you want so see something like all the messages in queue for one specific user or destination:
root@server [~]# exim -bp |grep firstname.lastname@example.org
exim -bpc - count all messages in the queue. In other words how many messages is exim trying to manage right now?
root@server [~]# exim -bpc
exim -Mvh <MessageID> - This will get you the headers of a message in the queue
exim -Mvh <MessageID> - This will get you the body of a message in the queue
exim -bh <IPAdress> - run a fake SMTP transaction as though it were originating from the given IP address. What happens when exim receives a message from this IP (optionally from this IP on this port)
root@server [~]# exim -bh 184.108.40.206
Optionally with the port:
root@server [~]# exim -bh 220.127.116.11.25
- If you do include the port number note that it needs to be included after a '.' not a ':'
exim -bt - test how exim will route an address
root@server [~]#exim -bt email@example.com
exim -d - run exim with debug options. This can be run with any of the flags given to output debug information - be warned it's a lot of data but can be extremely useful.
root@server [~]# exim -d -bt firstname.lastname@example.org
exim -Mrm <MessageID> - remove a single message from the queue by Message ID. You can also remove multiple emails with this flag. I would recommend though, that you don't do this through the CLI on cPanel/WHM servers but rather go to WHM>>Email>>Mail Queue Manager to remove them if they must be removed.