Shell script to delete messages from exim queue sent by specific authenticated user

Question

I found a way to find and delete from exim queue messages sent using an authenticated account (useful to purge queue from spam sent by a compromised account):

find /var/spool/exim/msglog -exec grep -l login:email@example.com {} \; | sed 's/\/var\/spool\/exim\/msglog\/.\///' | xargs exim -Mrm

Now I would like to write a shell script delq.sh so I can run ./delq.sh mail@example.com to do it, but tried various combinations of quotes but was not able to make find ... -exec login:$1 ... working.

score 0 · Answer 1 · answered Jul 19 '15 at 14:23

0

At last... I was able to write the script:

#!/bin/sh

find /var/spool/exim/msglog -exec grep -l  'login:'$1 {} \; | sed 's/\/var\/spool\/exim\/msglog\/.\///' | xargs exim -Mrm

answered Jul 19 '15 at 14:23

Davide Moretti

117
2
3

score 0 · Answer 2 · answered Aug 06 '15 at 10:49

0

exiqgrep is your friend:

exiqgrep -f email@example.com -i | xargs exim -Mrm

answered Aug 06 '15 at 10:49

krisku

3,916
1
18
10

No, this is not what I need, I need to remove messages that were sent from a specified authenticated user, since the From: can be faked. – Davide Moretti Nov 05 '15 at 18:49
Sorry, the more advanced `exipick` should do the trick: `exipick '$authenticated_id eq "email@example.com"' | xargs exim -Mrm` – krisku Nov 06 '15 at 07:14

Shell script to delete messages from exim queue sent by specific authenticated user

2 Answers2