exim cheatsheet


Some useful cheatsheet for exim command:-

exim -Mrm <Mail ID> Remove certain email ID
exim -bp List the email queue
exim -bpc List the number of queue mail
exim -bp | exiqsumm Print summary of the mail in queue
exiwhat Print what exim is doing right now
exim -bt <[email protected]> Test how a email route from exim
exim -bP Print exim configuration
exim -qff Force delivery mail in queue
exim -M <Mail ID> Force delivery certain mail ID
exim -Mvl <Mail ID> View Email ID log
exim -Mvh <Mail ID> View Email ID header
exim -Mvb <Mail ID> View Email ID body
exiqgrep -f <[email protected]> Search certain sender from queue
exiqgrep -r <[email protected]> Search certain recipient from queue
exiqgrep -o <seconds> Search number of second(s) older than current time
exiqgrep -zi | xargs exim -Mrm Remove all frozen mail.

exim: Check current PHP Script Spam process



This post is very useful for those System Administrator or System Engineer who wish to monitor over hundred of servers which could get the spamming PHP script immediately from your server.

The following example was written based on cPanel exim4 and you may stored them in a .sh file.

Continue reading exim: Check current PHP Script Spam process

Review: Ebook of Instant Migration from Windows Server 2008 and 2008 R2 to 2012 How-to



Recently I have read several ebook which benefit my knowledge to Microsoft Windows Server Operating System. One of the great book I could suggest is this book namely “Instant Migration from Windows Server 2008 and 2008 R2 to 2012 How-to“.

This is a great book as the author highlighted must read part and instant step to download, install and apply to your server. With these simple step, you could easily get your Windows Server 2008 to 2012.

With this book, the author did added lots of images which worth for thousand words that allow you to easily understand how the Windows Server 2012 work. So you must get this book by now 🙂

Get the book from here.

Nearly one-third of all computers infected with malware

A new study revealed that nearly one-third of computers are infected with malware.
A new study revealed that nearly one-third of computers are infected with malware.


The cybersecurity landscape is a dangerous one, as sophisticated hackers continue to wreak havoc on computer owners worldwide.


The cybersecurity landscape is a dangerous one, as sophisticated hackers continue to wreak havoc on computer owners worldwide. A recent study by PandaLabs indicated that approximately 32 percent of all computers studied had malware, with at least 27 million new strains created in 2012. Trojans accounted for 75 percent of all malware attacks produced last year.

Viruses accounted for 8 percent of all of these incidents, according to the company, followed by worms with more than 6.4 percent.

This is not the only frightening trend discovered by PandaLabs. The popularity of social networking websites is putting consumers in danger of having their passwords exposed. For example, a security breach of LinkedIn led to the theft of 6.5 million passwords.

Consumers should do all they can to avoid being a victim of a major security breach. Industry professionals encourage people to use a password manager like Sticky Password to avoid using the same phrasing for each online account. If a cybercriminal can obtain a common password from someone, the malicious individual may have access to a person’s email, banking information or other sensitive information.

Mobile devices are another dangerous platform that can impact users and their data and passwords. PandaLabs said that the Android operating system is the most popular for cybercriminals looking for ways to steal information and money.

Smartphones powered by Android or Apple are likely to remain popular targets as more people adopt smartphones. Owners of the iPhone can also download password managers to their devices to ensure their information remains protected while browsing from their mobile gadgets.

With so many interactions taking place through the internet and via multiple devices, hackers will continue to target users involved with these popular channels. Consumers should strongly consider doing all they can to safeguard their most important information.

New survey: password choices expose security risks


One widely observed problem in a recent online security survey was the systematic weakness of passwords throughout organizations.

As long as there is value to be gleaned from illegally breaking into computer systems, the threat will never be entirely gone. The recently-released Trustwave Global Security Report 2012, which evaluated the current conditions of online security, found a number of different methods through which data could be illicitly accessed. While some are complex, highly advanced methods with equally complex solutions, one widely observed problem was the systematic weakness of passwords throughout organizations, with entire departments placing themselves at risk through generic and easy-to-guess passwords.

The survey’s authors noted that the most widely used password among respondents was “Password1.” Containing upper-case and lower-case letters as well as a number, it fills many systems’ security requirements and is easy to remember. Its prevalence, of course, makes it extremely easy for prospective hackers to guess. The survey-takers found system operators settling for default passwords in many parts of the IT infrastructure, with firewalls and routers likely to have no password, or a generic and unchanging word in place. The survey also identified risk stemming from users’ employing the same passwords across systems at work and at home, whether the data within was critical or not.

Weakness does not mean passwords as a system are doomed or need to be replaced. At the RSA Coneference 2012, online security expert Dan Kaminsky affirmed the strength of proper password technology usage. TechTarget reports that Kaminsky remained unconvinced that technology such as biometric authentication is ready to replace passwords, emphasizing that a fingerprint scanner is easier to fool than a well-chosen password.

“You know what’s amazing about passwords? They totally work,” Kaminsky told the conference audience, the source reports. “The fundamental ‘win’ of a password over other technologies is its utter simplicity and mobility.”

Users can gain the benefits Kaminsky describes while negating the risk from the Trustwave survey by selecting better passwords. Careful users, especially those with password manager software, are able to put up a key barrier between themselves and outside attackers. Keeping a variety of hard-to-guess passwords and changing them frequently is not simply a good idea, it can be the difference between a safe and unsafe system. Guessing “Password1,” typing it in and accessing private information takes seconds and requires no illicit software at all. Giving hackers such an opportunity is a critical mistake.

Securing Website through .htaccess behind CloudFlare or CDN


By default, when you want to block or allow some IP(s) from your website, you may simply do it as the following rules from .htaccess,

order deny,allow
deny from all
allow from
allow from

However, if you are using service like CloudFlare or other CDN service, you can not do like this as Apache do not understand your visitor IP.

To do that, you need to do like rules below,

order deny,allow
deny from all
allow from env=allow

If you need it for IP ranges or network block such as, you may do it like,

SetEnvIf X-FORWARDED-FOR "^1\.1\.1\.*" allow
order deny,allow
deny from all
allow from env=allow

Howto: Clear Swap Cache

Recently I’ve wrote a script to calculate the swap usage and triggered the alert when Swap usage hit the certain level.

And I found out the actual memory usage is not using as it is where swap still caching the usage. To clear the swap cache and make the memory usage only, you may turn of swap by selecting the swap drive.

First of all, you need to identify the swap disk. Check the blkid for more information.


Look at the entry of swap. Assume swap is in sda5.

Turn the swap cache off,

swapoff /dev/sda5

Once it is done, turn on again,

swapon /dev/sda5

cPanel: How to block visitor by country through GeoIP

To block a certain country IP range, you do not need to know which IP range it is and what you need is to use the GeoIP feature.

To install GeoIP, refer to the following URL,

Next, you will need to insert the following command to the .htaccess file,

RewriteEngine on
RewriteRule ^(.*)$ http://www.google.com [L]

The command use to redirect China IP to google.com***

***This is an example only and it is not to abuse any user/visitor reside in China.

cPanel: How to install mod_geoip

There are many ways to install mod_geoip in the web but the easiest way to compile it with cPanel server is to compile it through the easyapache.

To get it done, run the following command as root,

cd /var/cpanel/easy/apache/custom_opt_mods/
wget http://docs.cpanel.net/twiki/pub/EasyApache3/CustomMods/custom_opt_mod-mod_geoip.tar.gz
tar -zxf custom_opt_mod-mod_geoip.tar.gz

Next compile it with easyapache,


Then select the Mod_GeoIP in the Short Options List.