email spam and WordPress malware removalChecking email delivery counts

We recently cleaned some WordPress malware from a website for a Client after their server ended up on a blacklist due to the amount of spam it was sending out. This effects email delivery to end users as mail is usually rejected.

Here’s a really useful command that displays the amount of emails all hosted domains have sent by querying the exim delivery logs.

Logon to your server via SSH and as root run the following command:

grep cwd /var/log/exim_mainlog | grep -v /var/spool | awk -F”cwd=” ‘{print $2}’ | awk ‘{print $1}’ | sort | uniq -c | sort -n

This will bring back something like:

1 /home/xxxxxx/public_html

1 /home/xxxxxx/public_html/iwp

1 /home/xxxxxx/public_html/xxxxxxxxxx.co.uk

1 /home/xxxxxx/public_html/xxxxxxxxxxxxxx.com

2 /usr/local/maldetect/tmp

8 /home/xxxxxx/public_html/xxxxxxxxxxxxx.org/wp-admin

29 /home/xxxxxx/public_html/xxxxxxxxxxxxx.org.uk

67 /home/xxxxxx/public_html/xxxxxxx.com

The number in the left column is the number of emails sent. This is calculated from the current exim_mainlog file so ideally you want to run this before the log file rolls over.

Email delivery nowadays is crucial as it’s the preferred method of communication. Keeping your mail server clean and protected is important as it keeps your “reputation score” high and therefore able to deliver email.

To see how we can keep your site secure, please contact us today.