Tuesday, February 20, 2007

Mail Queue Recipient Distribution

This pipeline will parse the output of sendmail’s mailq command to determine who’s getting the mail in the queue. I regularly work with a shared hosting environment. When a queue on one of our mail servers suddenly shoots up, I need to know why and fast. I use this to see which domain is receiving the mail. If it’s a domain on that server I look to see if a spam probing bot has found an account with a “catchall” alias. This will tell you how many messages each domain has currently in the queue. Using the same pipeline but removing the -v will show you the distribution for senders. This is helpful to know if one domain is launching a large volley of mail which could mean an abusive customer. Also note that the ^l is time-dependent. This is the first letter of your message ID’s and the proper letter can be found by doing a mailq or mailq -OMaxQueueRunSize=1.



mailq | grep -v ^l | awk -F@ '{print $2}' | sort | uniq -c | sort -n

doafter

The following script will wait for the exit of a certain process (by pid) and will run a command after the exit of the watched process. It works by polling for the existence of the directory in /proc representing the given pid. After that directory is gone it runs the supplied command. It checks every 10 seconds. It exits returning an error if the pid doesn’t already exist.




#!/bin/bash
## doafter - by Jason Mansfield - http://clinicallyawesome.com/

if [ "${2}" = "" ]
then
echo "Usage: doafter "
exit -1
fi

WATCHPID=${1}

if [ ! -d /proc/${WATCHPID} ]
then
echo "No such process: ${1}"
exit -1
fi

shift

while [ -d /proc/${WATCHPID} ]
do
sleep 10s
done

${@}