Clear Mail queue on Postfix or Plesk

How to clear the mailqueue.

Check the mailq:

# /usr/local/psa/admin/bin/mailqueuemng -s

View 5 of the items for a certain domain:

# /usr/local/psa/admin/bin/mailqueuemng -s | grep -C 5 user@domain.com
# /usr/local/psa/admin/bin/mailqueuemng -D"

or

# postsuper -d ALL

If you get a permission error on an older PLesk 9 instance

# /usr/sbin/postsuper -d ALL

To remove specific emails from a domain:

# postqueue -p | tail -n +2 | awk 'BEGIN { RS = "" } /@domain\.com/ { print $1 }' | tr -d '*!' | postsuper -d -

Or

# mailq | tail -n +2 | grep -v '^ *(' | awk  'BEGIN { RS = "" } { if ($8 == "USER@EXAMPLE.COM" && $9 == "") print $1 } ' | tr -d '*!' | postsuper -d -

Setting up mail on iPhone/iPad/iOS

Source:

http://www.one.com/en/support/guide/mail/setting-up-mail-on-iphone-ipad-ios

http://support.apple.com/kb/HT4810

If you use a common email provider, your device will load your email settings automatically. If your device doesn’t load these settings and you don’t know them, contact your email provider and ask for this information:

My Email settings
My email address:
My email provider:

Incoming Mail Server Settings
Account type (POP or IMAP): IMAP
Incoming Mail Server: For Incoming Mail Server enter imap.domain.com as Host Name, domain.com being your domain
User Name: Enter your full email address as User Name e.g. name@example.com
Password: Your email password
Incoming server port number: 993
Incoming server supports SSL? (yes or no): On

Outgoing Mail Server Settings
Outgoing mail server: or Outgoing Mail Server enter smtp.domain.com as Host Name.
User name: Enter your full email address as User Name e.g. name@example.com
Password: Your email password
Outgoing server port: In Server Port you should use port 465
Outgoing server supports SSL? (yes or no): On

Spam Check list

Check the mail queue in a plesk server:

# /usr/local/psa/admin/bin/mailqueuemng -s

mail queue is full of spam type messages like this:

Subject: Mr.: 14623c9d 65% off for you!
Sale Sale Sale!! Vigara – 0.54$, Cilias – 1.09$, Levtira – 1.15$.. and more more more… ”

Steps to take:

1. Check the mail queue for suspicious emails that are spam and remove them. Monitor the mail queue to see who is sending email and the content and locate the email account for spam delivery.

To remove all mail from the queue, enter:

# postsuper -d ALL

2. Check the passwords for the email accounts with this command logged in ssh as root:

# /usr/local/psa/admin/bin/mail_auth_view
Change all weak passwords to more secure passwords. (There are many simple email passwords).

3. Check any wordpress and joomla web sites for updates. Make sure all plugins and core software is up to date.

4. Check any forms on websites and ensure that they have captcha enabled so that they cannot be submitted automatically.

Here are some links to assist in installing an email wrapper to see if the sever is sending spam via a script:

If Postfix – http://kb.parallels.com/en/114845

Once the server is verified spam free you can contact us and we can help with any de-listing submissions.

Please let us know if you have any other questions.

Email Tips

Not receiving emails from a site form:

This issue was caused by the hostname of the server, which was dsw33.managed.domain.com, Update this to a vaild hostname like mail.thedomain.com and add the matching PTR (reverse DNS) record to match. You will need to add an A record at your DNS provider that points mail.thedomain.com to the IP if the server.

Check if the script is attempting to send with the From header as the user’s submitted e-mail address. This can cause issues as most major e-mail providers employ an e-mail feature known as DMARC to help reduce forging of their domains:

http://www.dmarc.org/faq.html

SPF Records

Sender Policy Framework (SPF) is a method of fighting spam. As more time passes, this protocol will be used as one of the standard methods of fighting spam on the Internet. An SPF record is a TXT record that is part of a domain’s DNS zone file. The TXT record specifies a list of authorized host names/IP addresses that mail can originate from for a given domain name. Once this entry is placed within the DNS zone, no further configuration is necessary to take advantage of servers that incorporate SPF checking into their anti-spam systems. This SPF record is added the same way as a regular A, MX, or CNAME record.


v=spf1 mx a ip4:192.55.182.34 ~all

* Make sure the IP above has an A record set in the DNS zone

Default:


"v=spf1 a mx ~all"
“v=spf1 a mx ip4:IP.ADD.RE.SS include:mail.domain.com ~all”

Example:


domain.com. IN TXT “v=spf1 a mx ip4:IP.ADD.RE.SS include:spf.messaging.microsoft.com include:mail.domain2.com ~all”

Description:

When should I use one?

An SPF record is generally used when your company is trying to avoid people using your domain for SPAM. The thing you need to know when working with SurveyGizmo is making sure that if you do have an SPF record, that we are whitelisted in it. Whitelisting us will allow you to use your domain as the FROM field when using the SurveyGizmo application to send out email campaigns or send email actions.

What should I avoid?

If you don’t have an SPF record already in place, then we don’t recommend setting one up mid-campaign. Adding one will most likely not increase your deliverability in any way.

If you already have an SPF record, or are setting one up for other purposes, you’ll want to make sure you don’t set it to only allow SurveyGizmo. If you do, then you won’t be able to send out emails from any other servers.

If I have an SPF record, and need to whitelist SurveyGizmo, what should I use?

If you already have an SPF record set up on the domain you want to send emails from, then we recommend adding the following IP addresses to your SPF.


ipv4:74.63.000.0/24

This will include our servers in your preferred server list. You can also use “include:sgizmo.com”, however, the IP addresses above are more practical. If you were to use “include:sgizmo.com” it would include all of our SPF records, which is excessive as we have internal SurveyGizmo IP addresses that the application doesn’t use.

How to make one

http://www.microsoft.com/mscorp/safety/content/technologies/senderid/wizard/

SPF – v=spf1 +a +mx +ip4:67.228.44.45 ?all

You can find more about SPF records here:

http://www.openspf.org/
http://en.wikipedia.org/wiki/Sender_Policy_FrameworkHome
Server Status

and you can generate an SPF record here:

http://www.microsoft.com/mscorp/safety/content/technologies/senderid/wizard/

Outlook or Mail AAAA Error

Trying to send email to an outlook.com account and getting this failure.


: Host or domain name not found. Name service error for
name=outlook.com type=AAAA: Host not found

Currently Microsoft doesn’t support IPv6 for hotmail.com, live.com or outlook.com. Postfix by default if IPv6 is enabled will attempt a IPv6 DNS lookup, the AAAA record, this will fail as Microsoft doesn’t publish AAAA records for either domain. Current work around is to disable IPv6 in Postfix’s configuration:


/etc/postfix/main.cf

Change:


inet_protocols = all

to


inet_protocols = ipv4

Then restart postfix:


service postfix restart

Stop Spam and http access with IPtables

To stop Spam:

drop SMTP on port 25, 465 and 587 to prevent further spam from being sent out by running the following commands:


# /sbin/iptables -A INPUT -p tcp --dport 25 -j DROP
# /sbin/iptables -A OUTPUT -p tcp --dport 25 -j DROP
# /sbin/iptables -A INPUT -p tcp --dport 465 -j DROP
# /sbin/iptables -A OUTPUT -p tcp --dport 465 -j DROP
# /sbin/iptables -A INPUT -p tcp --dport 587 -j DROP
# /sbin/iptables -A OUTPUT -p tcp --dport 587 -j DROP

Restart:

# service iptables restart

Block an IP accessing the site:

# iptables -A INPUT -s 80.35.xx.xxx -j DROP

Restart:

# service iptables restart

After that – check the cpnael access logs for the domain and see that there is a 403 Error:

# tail -f /usr/local/apache/domlogs/gamedayboston.com

80.82.xx.xx - - [07/Oct/2014:17:13:46 -0400] "POST /xmlrpc.php HTTP/1.0" 403 - "-" "Mozilla/4.0 (compatible: MSIE 7.0; Windows NT 6.0)"
80.82.xx.xx - - [07/Oct/2014:17:13:46 -0400] "POST /xmlrpc.php HTTP/1.0" 403 - "-" "Mozilla/4.0 (compatible: MSIE 7.0; Windows NT 6.0)"
80.82.xx.xx - - [07/Oct/2014:17:13:46 -0400] "POST /xmlrpc.php HTTP/1.0" 403 - "-" "Mozilla/4.0 (compatible: MSIE 7.0; Windows NT 6.0)"