Postfix Mail Queue Troubleshooting Commands

Postfix maintains two queues: the deferred queue contains mail items that has soft-fail status, which is temporarily placed in there and will be retried later by postfix. Pending queue is the queue containing mail to be sent out.

1/ Displaying a list of mail in deferred and pending queues

mailq

or

postqueue –p

Note that the last line of mailq shows the number of mails in the queue. You can use the following command:

mailq | tail -1

Also, to sort the output based on From address:

mailq | awk ‘/^[0-9,A-F]/ {print $7}’ | sort | uniq -c | sort -n

2/ Displaying contents / headers / body of email in a queue

postcat –vq QUEUE_NUMBER

If you receive an error message that says

postcat: fatal: open queue file QUEUE_NUMBER: No such file or directory

then it means that the message has been delivered or removed using postsuper.

3/ Push out all email in the queue

postqueue –f

or

postfix flush

4/ Remove all mail in queue

postsuper –d ALL

5/ Remove all mail in deferred queue only (these are the email that Postfix will retry to send)

postsuper –d ALL deferred

6/ Remove a certain email from certain sender/receiver/domain from the queue

This one is a bit involved. First, copy the following code and save it in a file called /home/user/postfix-delete-queue.pl (credit to the author in an Internet newsgroup).

#!/usr/bin/perl
$REGEXP = shift || die "no email-adress given (regexp-style, e.g. bl.*\@dalaris.com)!";
@data = qx</usr/sbin/postqueue -p>;
for (@data) {
if (/^(\w+)(\*|\!)?\s/) {
$queue_id = $1;
}
  if($queue_id) {
  if (/$REGEXP/i) {
  $Q{$queue_id} = 1;
  $queue_id = "";
}
}
}
#open(POSTSUPER,"|cat") || die "couldn't open postsuper" ;
open(POSTSUPER,"|postsuper -d -") || die "couldn't open postsuper" ;
foreach (keys %Q) {
print POSTSUPER "$_\n";
};
close(POSTSUPER);

Now we change the directory to /home/user and issue the commands:

To delete all messages in the queue from the domain dalaris.com, use the following command:

./postfix-delete-queue.pl dalaris.com

To delete all messages in the queue that contains the word “test” in the email address:

./postfix-delete-queue.pl test

To delete all messages in the queue that contains email address (regardless whether it is a FROM or TO), user@dalaris.com, use the following command:

./postfix-delete-queue.pl user@dalaris.com

7/ Removing specific email with queue ID.

Once you have the queue ID (checked using mailq), you can delete it using the following command:

postsuper –d QUEUE_ID

8/ To remove all mail sent by spammer@hotmail.com, use:

mailq| grep ‘^[A-Z0-9]’|grep spammer@hotmail.com|cut -f1 -d’ ‘ |tr -d \*|postsuper -d –

or to put the queue on hold and remove the email sent from spammer@hotmail.com

mailq | awk ‘/^[0-9,A-F].* spammer@hotmail.com / {print $1}’ | cut -d ‘!’ -f 1 | postsuper -d –

Once deleted, release the queue because you put it on hold:

postsuper -H ALL

To remove mail based on a domain, for example, hotmail.com, use:

mailq| grep ‘^[A-Z0-9]’|grep @hotmail.com|cut -f1 -d’ ‘ |tr -d \*|postsuper -d –

9/ To check SASL Auth

Postfix uses Simple Authentication and Security Layer for SMTP authentication, which in turn uses Reverse IMAP.

To see live transactions:

tail -f /var/log/mail.log | grep sasl

To see existing transactions:

cat /var/log/mail.log | grep sasl

10/ Check Postfix log

cat /var/log/mail.log | grep postfix

11/ Monitoring SMTP Connections

Check to see if mails are being delivered in local and remote queue:

tail -f /var/log/mail.log | grep postfix

Check for SMTP connection to see if it is established on port 25.

netstat -ant | grep 25

Find out how many established SMTP connections on port 25

netstat -ant 2> /dev/null | awk ‘{print $4″ “$6}’ | egrep ‘[0-9]+.[0-9]+.[0-9]+.[0-9]+:25′ | grep ESTABLISHED | wc –

12/ How to stop SMTP service

Comment out the following line in /etc/postfix/master.cf

smtp inet n – – – – smtpd

Then reload postfix:

postfix reload

To start postfix, uncomment the above line and perform postfix reload.

13/ How to relay email to a smarthost

In /etc/postfix/main.cf, place the following line:

#MYDESTINATIONS should only be used for the local system. Other domains will be picked up through MYSQL’s virtual_mailbox table.

mydestination = localhost, localhost.localdomain

relayhost = smarthost.dalaris.com:25

14/ How to whitelist a sender

Modify /etc/postfix/access with something like this:

@theitshop.com OK
andrea@hotmail.com REJECT
myapple@apple.com REJECT
jorge@hotmail.com REJECT
tommy@yahoo.com OK
20.192.121. 64 OK

Then type

postmap /etc/postfix/access