Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Advertise on LowEndTalk.com
Send System/Cron mails *without* Exim MTA
New on LowEndTalk? Please read our 'Community Rules' by clicking on it in the right menu!

Send System/Cron mails *without* Exim MTA

mehargagsmehargags Member
edited December 2016 in Help

Hi all,

on WordPress servers, often there is a breach or infection for varied reasons like WP-Core not updated or some malicious plugin/theme installed by user.

I would like to "watch" the Exim Queue count (exim -bpc) and report if the count is over a threshold. But the problem is, suppose under a compromised state, the Exim queue is already sitting at 10000, the "alert" mail will be queued after that and is practically never going to shoot out, failing the very purpose of the alert.

Is there a way to configure an alternative MTA like ssmtp or anything else, in parallel to Exim4, so that all cron mails are sent through this special MTA rather than main MTA-Exim

It'd be great to able to send these mails through an authenticated SMTP remote host, like a gmail account to ensure deliverability.

Also if there is a system watcher app that can watch the Exim Queue count (exim -bpc) and report if the count is over a threshold ? Would be a alot of help for servers hosting Wordpress where there is a time to time breach

Comments

  • leapswitchleapswitch Member, Provider

    You can configure something like Zabbix to get the queue count and report on the zabbix dashboard above a certain threshold.

    Thanked by 1mehargags

    Leapswitch Networks - Affordable Managed and UnManaged VPS
    Pune/Mumbai, India - Asheville, USA - Lisbon, Portugal - Kiev, Ukraine - Barcelona, Spain - Frankfurt, Germany

  • Here are some options:

    1. Cron job to monitor your queues etc. and if whatever condition matches use msmtp to send out an email via Gmail (etc.) (will bypass your entire exim queue locally as you desire).

    2. Cron job like (1) but instead of using msmtp use curl to post to mailgun/sendgrid/whatever and get your notification delivered again bypassing local exim queue.

    I'm sure there are variants of the above that'll do the trick.

    I was also thinking of a procmail recipe but that would depend on local exim and so may not be a great option (although local deliveries should work pretty quickly even if your remote messages are queued via exim assuming you have a reasonably frequent queue runner).

    Thanked by 1mehargags
  • I Googled "exim queue size alert" and came across this script:

    https://blog.hostonnet.com/php-script-to-alert-if-mail-queue-size-is-above-x-on-cpanel-server

    Instead of the mail() function configure PHPMailer to relay emails. If you have disabled PHP's exec() function and don't want to enable it, write a shell script and pipe the alerts to a PHP script and email the content using PHPMailer.

    Thanked by 1mehargags
  • Yeh PHPMailer just came to my mind right after posting this thread. Been using it for years and can be scripted into a single file. I'm sure the same can be done via curl/Python script as well.

    Will dwell further and post. Thanks for the pointers!!

Sign In or Register to comment.