Is there a way I could automatically stop the outbound SMTP service when the threshold I set is exceeded? Although I’ve only been hit twice in the past year, I’d like to at least stop the service until I can intervene, inspect and rectify.
Sorry to bump a 7+ month old thread but I figured this can be of use to somebody else. I found a script online that sends alerts and monitors the qmail queue so I tweaked it so that it stops qmail if the queue reaches a certain level.
#!/bin/bashEMAIL="user@example.com"
LIMIT=###
QVALUE=`/var/qmail/bin/qmail-qstat | head -1 | awk '{print $4;}'`
WARNING="Your mail queue is over $LIMIT, please investigate."
if
[ "$QVALUE" -ge "$LIMIT" ] ; then
/etc/init.d/smtp stop
echo $WARNING
echo "Check the queue!" | mail -s "$WARNING" $EMAIL
fi
All you need to change is EMAIL and LIMIT to your values, you can also change the WARNING message if you want a more descriptive subject or want to include the hostname or something.
Many thanks for sharing, but do you mind me asking, when you stop SMTP, is this only for outgoing SMTP. If not, stopping SMTP incoming will stop incoming email, which is not ideal.
I do like your idea of a warning to be sent, and also wondered if this is a cron script, as you have not said how to run its orry.
It might be an idea to run this along side spamdyke, which can limit teh number of recipients a user can sent to at any 1 go.
The script stops the following services: smtp, smtp2, sendmail
I had it set to run every 5 minutes on a cron and I didn’t think about it but you’re right, this will stop both inbound and outbound SMTP so it’s not ideal. I came up with this idea before I started using an external SMTP server to filter inbound and outbound mail for spam which is a much better solution.
The code I posted above would work better if it just blocked ports via iptables instead. I’ll do an update when I get a chance.
Finally got around to fixing the code so it just blocks outbound e-mails from being sent over port 25:
#!/bin/bash
EMAIL="user@example.com"
LIMIT=###
QVALUE=`/var/qmail/bin/qmail-qstat | head -1 | awk '{print $4;}'`
WARNING="Your mail queue is over $LIMIT, please investigate."
if
[ "$QVALUE" -ge "$LIMIT" ] ; then
/sbin/iptables -A OUTPUT -p tcp --dport 25 -j DROP
echo "Check the queue!" | mail -s "$WARNING" $EMAIL
fi