Removing spam from Postfix queues.
Tech Notes
I've done this a couple of times now so it needs recording. Every now and then someone manages to sneak a load of spam into my mailqueue which does nasty things to my server. Its a matter of identifying the spam and deleting it from the queue. Sometimes I also create a firewall filter for the particular IP address of the offender. This command does several things.
- Read in the mailqueue
- Look for sender address that end with `example.com`
- Ignore senders with valid addresses (`david` and `john`)
- Deletes all those messages from the queue
$ mailq | tail +2 | grep -v '^ *(' | awk 'BEGIN { RS = "" } { if ($7 ~ "example.com$" && $7 !~ "^david|^john" && $9 == "" ) print $1 } ' | tr -d '*!' | sudo postsuper -d -