[Last Call] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 753
  • Last Modified:

Sendmail Outbound Queue full of NDRs

I've got a sendmail box running the whole clamav/mailscanner/spamassassin on a redhat server and we use it for clients to relay through for email protection.  recently, we had an issue where the server had about 10,000+ messages in the queue that it couldnt' deliver for about 12 hours.  we fixed the issue and the messages that needed to go to the outside world got there fine but now there are like 5,144 messages sitting in my outbound queue waiting to be delivered because they are NDR's (The 4 hour could not send message) that are trying to go to spam-spoofed addresses.  is there a way i can clear these out?  it would be nice if i could just clear out the NDR's that its been trying to send for the past 6 or so hours and leave the regular mail and newer NDR's there for now.

Ideas?
0
Jaidenkell
Asked:
Jaidenkell
  • 2
  • 2
1 Solution
 
PsiCopCommented:
Yes, just delete the qf* and df* files from /var/spool/mqueue (or wherever you have the sendmail queue directory). Since you have such an accurate count, I assume you can specifically identify the message files.
0
 
JaidenkellAuthor Commented:
well the details i get on the queue files are from mailwatch (which logs mailscanner and all of the stuff it does and puts it into a web interface).  so i can see all of the individual mail files and the totals of the whole mail server, but i cant just delete all of the NDR's and DNR's and leave all of the email that is still in there.  i have a bad feeling that of those 5000+ emails, there are probably about 20 or so that are good and wanted and i'd like to avoid deleting.

on a side note i did try setting the queuereturn to like 5 hours on sendmail.cf and restarting sendmail (in hopes that it will purge the emails older the 5 hours, which are all the deferred spam junk) but it doesn't seem to have taken affect.  did i mis-interpret the function of queuereturn?
0
 
PsiCopCommented:
No, I don't think you did it wrong, altho sendmail won't notice they're over the limit until the next time it processes the queue, and if you have any queue-processing limits, those will also play into it.

A good reference to have is _Sendmail_3rd_Edition_ by Bryan Costales, ISBN 1-56592-839-3. I recommend you get a copy.

Here is a snippet of my sendmail.mc - the Page #/Chapter.Section.Part references are from that book above:

!! Page 1066/24.9.109.18 - TimeOut.QueueReturn - Define the lifetime of messages
!! within the sendmail queue before they are bounced as undeliverable. Can also be specified
!! on a per-Priority: header basis, but is not here. Can also use the keyword now to force an
!! immediate bounce of all messages in queue group badqueue. Default is 5 days.
!! RFC1123 recommends 5 day minimum
define(`confTO_QUEUERETURN', `#d')dnl

You may also want to define a Dead Letter Drop:

!! Page 967/24.9.26 - Path to write for E-Mail that double-bounces and no recipient is
!! defined locally
define(`confDEAD_LETTER_DROP', `/some/path/here')dnl

You can see my annotated sendmail.mc for some other ideas --> http://www.experts-exchange.com/Networking/Email_Groupware/Sendmail/Q_21116293.html
0
 
JaidenkellAuthor Commented:
Well it looks like it just took a long time for the queuereturn to take effect but it purged teh system and i moved it back up to 15 days.  quite an adventure.  thanks for the help!
0

Featured Post

NFR key for Veeam Agent for Linux

Veeam is happy to provide a free NFR license for one year.  It allows for the non‑production use and valid for five workstations and two servers. Veeam Agent for Linux is a simple backup tool for your Linux installations, both on‑premises and in the public cloud.

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now