How we can prevent mailqueue to be cluttered by SPAM? I mean prevent server overload because of many thousands mails in queue?

What are the ideas to achieve it?


in WHM /Server Configuration / Tweak Settings there are options:

mail delivery retry time [?]
Time between mail server queue runs

Max hourly emails per domain [?]
The maximum number of emails each domain can send out per hour.

The percentage of email messages (above the account’s hourly maximum) to queue and retry for delivery. (Minimum: 100; Maximum: 10,000) [?]

Maximum percentage of failed or deferred messages a domain may send per hour [?]
The maximum percentage of a domain’s outgoing mail that can consist of failed or deferred messages. Once the domain exceeds this percentage, it is temporarily blocked from sending mail.

Number of failed or deferred messages a domain may send before protections can be triggered [?]
When a domain sends this number of failed or deferred messages in an hour, and the “Maximum percentage of failed or deferred messages a domain may send per hour” has also been reached, the domain will be temporarily unable to send outgoing mail.

In addition, there is a script that can be run on cronjob to check mailqueue and delete big senders mails.. the delay between cronjobs runs someone adviced like 6-12hours:

echo "The 1 liner below will:

1. Log the mail queue to /root/mailq.log
2. A per-account "count" is run on the mail queue to determine how many emails each account has sent.
3. If the account has more than 1,000 emails sitting in the mail queue -- those emails are automatically removed.
4. An email is automatically sent to [email protected] containing the full mail queue (prior to the removal).

/bin/nice -n 19 exim -bp > /root/mailq.log; cat /root/mailq.log|awk {'print $4'} | sort | uniq -c | awk {'if ($1 > 1000) if ($2 != "<>") if ($2 != "") system("exiqgrep -i -f $2 | xargs exim -Mrm;mail -s \"Hacked Account\" [email protected] </root/mailq.log ")'}