On Wed, Mar 11, 2015 at 09:13:45PM -0700, Robin Rowe wrote:
> Wondering how to track down some emails being sent from WordPress.
Freeze them in the queue, and examine with "postcat -q <queue-id>".
> Looking at the mail.log of the last www-data send, it says gmail has
> shut the recipient's email address off because they're being hammered. The
> log also shows there are 5 sends in the same second for job 12446, like
> below.
The same queue manager process is expected to handle multiple
messages (in fact all messages until Postfix is restarted or
reloaded).
> Mar 9 02:21:04 goshtv postfix/qmgr[12446]: DCAF8461572:
> from=<www-d...@p2450473.pubip.goshtv.com>, size=683, nrcpt=1 (queue active)
>
The logs you want are the "pickup" logs, not the "qmgr" logs.
Configure pickup to send mail via an extra SMTP hop that puts
all mail from www-data on hold:
pickup-sender:
www-data@ HOLD CGI form exploit
# postmap pickup-sender
main.cf:
indexed = ${default_database_type}:${config_directory}/
pickup_sender_restrictions =
check_sender_access ${indexed}pickup-sender
master.cf:
# Modify:
pickup unix n - n 60 1 pickup
-o content_filter=smtp:[127.0.0.1]:2525
# Add:
127.0.0.1:2525 inet n - n - - smtpd
-o smtpd_sender_restrictions=$pickup_sender_restrictions
# postfix reload
Then look for logs indicating mail being placed on HOLD,
and:
# postcat -bhq <queue-id>
--
Viktor.
