Solved

maillog

Posted on 2014-10-02
22
58 Views
Last Modified: 2015-05-04
Hi Sir:
we have postfix mail server running in Centos 5. yesterday I started to get message in log that there is insufficient space., then I contacted one guy he told me that VAR is full you need to flush or delete to make space free. I don't have an idea how to flush and make space free; requesting me to guide or educate me how to make space free without any effect on mail server function.
0
Comment
Question by:Sanjeev jha
  • 12
  • 7
  • 3
22 Comments
 
LVL 62

Expert Comment

by:gheist
ID: 40356632
mailq
(anything here?)

cd /var
du -sk * | sort -n
(Whos top consumer of disk space?)

Once we know it we will figure out best way to proceed.
0
 

Author Comment

by:Sanjeev jha
ID: 40356753
I got the output by this command
du -sk * | sort -n
Now what should and How do i do for making free.
4       mail
8       ftp
8       games
8       local
8       nis
8       opt
8       preserve
8       racoon
8       rrdtool
8       tmp
12      account
16      lost+found
20      gdm
24      yp
28      db
32      empty
32      lock
88      named
256     run
560     webmin
66044   cache
111516  clamav
199960  virusmails
508316  spool
777952  lib
882932  amavis
1423488 www
10218052        log
0
 
LVL 62

Expert Comment

by:gheist
ID: 40356794
now repeat same command in log/ - maybe we need to configure log rotation to make it work better
i suspect virusmails is sort of quarantine and you can delete most of it.
0
Ransomware-A Revenue Bonanza for Service Providers

Ransomware – malware that gets on your customers’ computers, encrypts their data, and extorts a hefty ransom for the decryption keys – is a surging new threat.  The purpose of this eBook is to educate the reader about ransomware attacks.

 
LVL 13

Expert Comment

by:Sandy
ID: 40357007
run below one

#find /var -xdev -ls | sort -nr -k 7 | head -20

and then also check the  data in /var/spool

TY/SA
0
 

Author Comment

by:Sanjeev jha
ID: 40363709
find /var/ -xdev -ls | sort -nr -k 7 | head -20
 65286 1085792 -rw-------   1 root     utmp     1110761472 Oct  6 18:44 /var/log/btmp
4994028 645484 -rw-rw----   1 mysql    mysql    660322116 Oct  6 19:45 /var/lib/mysql/amavis/msg.MYD
 65375 497740 -rw-r--r--   1 root     root     509181211 Oct  6 19:48 /var/log/httpd/access_log
 65319 149532 -rw-------   1 root     root     152963711 Oct  6 19:38 /var/log/xferlog
 65380 149448 -rw-------   1 root     root     152875814 Oct  6 19:48 /var/log/vsftpd.log
3623058 63272 -rw-r--r--   1 clamav   clamav   64720632 Dec 26  2013 /var/clamav/main.cvd
 65440 55932 -rw-------   1 root     root     57209282 Oct  6 19:48 /var/log/cron
 65353 45204 -rw-------   1 root     root     46235648 Jun 27  2011 /var/log/.maillog.1.swp
4961774 37380 -rw-r-----   1 root     slocate  38230739 Jun 16 04:22 /var/lib/mlocate/mlocate.db
4961286 29320 -rw-r--r--   1 rpm      rpm      29986816 Oct  6 13:30 /var/lib/rpm/Packages
 65448 26784 -rwxrwxrwx   1 dovecot  dovecot  27392526 Oct  6 19:49 /var/log/dovecot.log
457040 25788 -rw-r--r--   1 root     root     26372096 Oct  1 21:49 /var/cache/yum/rpmforge/primary.xml.gz.sqlite
4961780 25644 -rw-r--r--   1 clam     clam     26224310 Jul 27  2011 /var/lib/clamav/main.cvd
 65428 25072 -rw-------   1 root     root     25637842 May 12  2013 /var/log/maillog.4
 65381 24988 -rw-------   1 root     root     25553411 Oct  6 19:48 /var/log/maillog
 65418 23532 -rw-------   1 root     root     24067872 Jun  2  2013 /var/log/maillog.1
 65415 23516 -rw-------   1 root     root     24050735 May 19  2013 /var/log/maillog.3
 65416 22552 -rw-------   1 root     root     23061228 May 26  2013 /var/log/maillog.2
3623045 22400 -rw-r--r--   1 clamav   clamav   22906487 Apr  1  2010 /var/clamav/main.cvd.rpmnew
 65358 22056 -rw-r--r--   1 amavis   amavis   22554328 Jun  2  2013 /var/log/amavis.log.1
[root@firewall ~]#
0
 

Author Comment

by:Sanjeev jha
ID: 40363715
[root@firewall spool]# du -sk * | sort -n
8       lpd
8       repackage
8       vbox
12      cron
16      cups
20      at
20      vacation
24      mail
32      anacron
7056    squirrelmail
47408   postfix
205444  squid
0
 

Author Comment

by:Sanjeev jha
ID: 40363721
command suggested by you and output shared.
Please now tell me next command by which I can be able to manage var log files so that my mailserver not stuck and do not bounce any mail.
0
 
LVL 62

Expert Comment

by:gheist
ID: 40363739
You can zero btmp file (list of all failed logins)
:>/var/log/btmp
amavis database in mysql is not cleaned up

You need to rotate logs sometimes (and dont try to edit them with vi to not create likely-sized backup copies)
0
 

Author Comment

by:Sanjeev jha
ID: 40363789
if i understood you correctly then should i delete btmp file from log?
0
 
LVL 62

Expert Comment

by:gheist
ID: 40363816
TRUNCATE, not delete, as indicated, and probably restrict unsolicited login channels where mass password guessing takes place.
0
 

Author Comment

by:Sanjeev jha
ID: 40363887
How this command works and it would be applicable for all which is under /var.

I would appreciate the way you are helping.
Hope you will help me until i understood perfectly.
0
 
LVL 62

Expert Comment

by:gheist
ID: 40364477
: > /var/log/btmp
NOOP outputing_to A_FILE
0
 

Author Comment

by:Sanjeev jha
ID: 40384096
/var/spool/clientmqueue

there is a file in clientmqueue...
which command needs to run to remove files under this. please mentioned.
0
 
LVL 13

Expert Comment

by:Sandy
ID: 40384101
this has all deffered mails you can delete by using rm -rf /var/spool/clientmqueue/*

TY/SA
0
 

Author Comment

by:Sanjeev jha
ID: 40384129
Thanks I run this command and deleted the file and size become lowest in KB

one thing just would like to confirm with you if i need to empty the log file without any impact on original log file which command should i run to make log empty?
thanks for your cooperation
and would appreciate if you tell me on which log this command can be run and How
0
 

Author Comment

by:Sanjeev jha
ID: 40384131
is this command is correct echo /dev/null > maillog
0
 
LVL 13

Expert Comment

by:Sandy
ID: 40384143
First take the backup in case u need in future then do the gzip

use the above command to truncate the log file will work

ty/sa
0
 
LVL 62

Expert Comment

by:gheist
ID: 40385344
: means abbreviation of "true"

: >/var/log/maillog
0
 

Author Comment

by:Sanjeev jha
ID: 40423736
Thanks Sir: There is one folder as the name of 'Virtual' in home directory. It is showing 90% full how it can be reduce in size without any side effect on running mail server.
Please help me regarding this. I would appreciate for always support.
0
 
LVL 62

Expert Comment

by:gheist
ID: 40423835
Can you illustrate it with
# du -sk| sort -n
?
0
 

Accepted Solution

by:
Sanjeev jha earned 0 total points
ID: 40425517
[root@firewall home]# du -sk| sort -n
38639192
0
 

Author Closing Comment

by:Sanjeev jha
ID: 40757797
Issue has been solved.
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
capture pcap with filtered traffic 1 98
Linux Desktop suggestion for Dell Inspiron 3043 13 67
Recover Lacie Edmini data. 11 67
Certificate Request CentOS/Apache 1 27
Daily system administration tasks often require administrators to connect remote systems. But allowing these remote systems to accept passwords makes these systems vulnerable to the risk of brute-force password guessing attacks. Furthermore there ar…
If you have a server on collocation with the super-fast CPU, that doesn't mean that you get it running at full power. Here is a preamble. When doing inventory of Linux servers, that I'm administering, I've found that some of them are running on l…
Learn how to get help with Linux/Unix bash shell commands. Use help to read help documents for built in bash shell commands.: Use man to interface with the online reference manuals for shell commands.: Use man to search man pages for unknown command…
How to Install VMware Tools in Red Hat Enterprise Linux 6.4 (RHEL 6.4) Step-by-Step Tutorial

696 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question