this server is listed in the CBL
lsof -i | grep smtp SPAM SPAM SPAM SPAM SPAM
exim -bpc 26000+ spams in outbound queue
exim -bp | exiqsumm SPAM SPAM SPAM SPAM SPAM
exim -bp > qdump.txt spam is being sent TO many addresses, FROM many addresses but the SENDER has the SAME domain name
exiqgrep -i -f DOMAINNAME | xargs exim -Mf 26000+ spams in outbound queue have been frozen
exiqgrep -z -i | xargs exim -Mrm 26000+ spams in outbound queue have been removed
Root cause: unpatched Joomla vulnerability (site now offline)
Edit: exim commandline goodness from here: http://bradthemad.org/tech/notes/exim_cheatsheet.php
[link][1 comment]
