1) Create a /var/qmail/bin/sendmail-wrapper script with the following content:
(echo X-Additional-Header: $PWD ;cat) | tee -a /var/tmp/mail.send|/var/qmail/bin/sendmail-qmail "$@"
Note, it should be two lines including ‘#!/bin/sh’.
2) Create a log file /var/tmp/mail.send and grant it “a+rw” rights; make the wrapper executable; rename old sendmail; and link it to the new wrapper:
~# touch /var/tmp/mail.send
~# chmod a+rw /var/tmp/mail.send
~# chmod a+x /var/qmail/bin/sendmail-wrapper
~# mv /var/qmail/bin/sendmail /var/qmail/bin/sendmail-qmail
~# ln -s /var/qmail/bin/sendmail-wrapper /var/qmail/bin/sendmail
3) Wait for an hour and change back sendmail:
~# rm -f /var/qmail/bin/sendmail
~# mv /var/qmail/bin/sendmail-qmail /var/qmail/bin/sendmail
Examine the /var/tmp/mail.send file. There should be lines starting with “X-Additional-Header:” pointing to domain folders where the scripts which sent the mail are located.
You can see all the folders from where mail PHP scripts were run with the following command:
~# grep X-Additional /var/tmp/mail.send | grep `cat /etc/psa/psa.conf | grep HTTPD_VHOSTS_D | sed -e 's/HTTPD_VHOSTS_D//' `
For more details on qmail-remove, you may refer to the link below.
1. You have to install the gcc compiler + libraries
yum install gcc gcc-c++
2. Download qmail-remove.
3. Untar the downloaded file.
tar -zxvf qmail-remove-0.95.tar.gz
4. Then do the following.
cp qmail-remove /usr/bin/
To remove emails from specific email address
qmail-remove -r -p "email@example.com"
To remove bounce email all at once
qmail-remove -r -p "bounce"
Step 1. Download qfixq.
Step 2. Change the file permission.
chmod 700 qfixq
Step 3. Stop qmail service.
Step 4. Run the script.
After running it the first time to see what it’s going to do, you should run it a second time, in “live mode”. This will do the same checks, but it will actually correct the errors it finds.
If you know that there’s nothing in the queue you want to save, and you would rather just empty the queue, you can use this command instead. This changes the logic to bypass a lot of the checking, and just plain marks every message it finds for deletion- and then it deletes them.
./qfixq live empty
After running it once in “live mode”, you should run it again (not in live mode) and make sure it doesn’t find anything new. If it does, it means that some process on the system is still interacting with the queue, and if that process is “qmail-send” then running the script may have actually done more damage than good. This is why it’s so important to make sure that anything relating to qmail is totally shut down before running the script.