Postfix: How to Clear Spam
This tutorial shows how to clear spam from the mail queue on a Linux server. In our case, most Signetique servers use Postfix as the alternative mail server, although some of them run qmail. Postfix is typically quite similar to qmail.
Hold the mail queue
postsuper -h ALL
Go to the hold folder to identify which messages can be removed
cd /var/spool/postfix/hold
Check the email messages for the main identifying variables. In most cases, search for the string .php, because a compromised website has typically run a malicious script.
If an email account was compromised, that is, someone logged in to it and used it for mass spamming, look for the string sasl_user instead.
postcat -qv <message-ID>
Now, based on these two strings, we will remove all illegitimate emails. REMEMBER! The objective is to remove emails based on the main variables. Basically, we are matching a pattern. The pattern stands for the PHP script, the sender email, or anything else you have identified.
grep -l "pattern" * | xargs rm
Check the mail queue again to see whether any emails are left.
mailq | grep -i req
When everything is done, requeue the remaining emails to the live queue.
postsuper -r ALL
Now reload the Postfix configuration to avoid corruption.
postfix reload
Done.
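For the identification step above, the following added example (not part of the original tutorial) tallies held messages by authenticated login, PHP script or envelope sender, so the removal pattern can be chosen from counts rather than by reading messages one at a time. It assumes postcat prints "named_attribute: sasl_username=" and "sender:" envelope lines and that PHP adds an X-PHP-Originating-Script header; spam_source, tally_hold and demo are illustrative names, and the sample dumps are constructed.

```shell
#!/bin/sh
# Added example. Assumed postcat dump layout: envelope lines such as
# "named_attribute: sasl_username=..." and "sender: ...", then raw headers.

# Read one postcat dump on stdin; print sasl:<login>, php:<script> or sender:<addr>.
spam_source() {
    awk '
        /named_attribute: sasl_username=/ { sub(/.*sasl_username=/, ""); sasl = $0 }
        /^X-PHP-Originating-Script:/      { php = $2; sub(/^[0-9]+:/, "", php) }
        /^sender: /                       { snd = $2 }
        END {
            if (sasl != "")     print "sasl:" sasl
            else if (php != "") print "php:" php
            else                print "sender:" snd
        }'
}

# Tally sources over a directory. $1 = directory, $2 = dump command
# (default postcat; the demo passes cat because its files are already text).
tally_hold() {
    for f in "$1"/*; do
        [ -f "$f" ] || continue
        "${2:-postcat}" "$f" | spam_source
    done | sort | uniq -c | sort -rn | awk '{ print $1, $2 }'
}

# Constructed sample dumps (not real queue data): two authenticated, one PHP.
demo() {
    d=$(mktemp -d)
    for i in 1 2; do
        printf '%s\n' "*** ENVELOPE RECORDS hold/A$i ***" \
            'named_attribute: sasl_method=LOGIN' \
            'named_attribute: sasl_username=info@example.com' \
            "sender: promo$i@example.net" > "$d/A$i"
    done
    printf '%s\n' '*** ENVELOPE RECORDS hold/B1 ***' \
        'sender: www-data@web01.example.com' \
        '*** MESSAGE CONTENTS hold/B1 ***' \
        'X-PHP-Originating-Script: 33:contact.php' \
        'Subject: constructed sample' > "$d/B1"
    tally_hold "$d" cat
    rm -rf "$d"
}
demo
```

On a live server, run tally_hold /var/spool/postfix/hold with no second argument so that postcat reads the queue files.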
