Dealing with the 'Default Address' Issue
From brokenpoet.org wiki
Contents |
Default Addresses
Unfortunately, when a new WHM install is performed, it sets the Catch-All setting for all new cPanel users to the cPanel username.
This means that all mail destined for an address that doesn't exist ends up being deposited in /home/username/mail/new/ and /home/username/mail/cur/
This can cause numerous problems from quota overruns to cpbackup failing (due to the large number of files).
Evidence of this can be seen by:
- running sar and looking for long periods of high IO
- comparing this with the crontab schedule for cpbackup
- looking in /usr/local/cpanel/logs/cpbackup - simply head and tail the latest file to see how long it is taking to complete.
- running ps aux|grep cpbackup
- OR running removedefaultmail -r as you will see below
While the default for NEW accounts can be changed to ":fail:" through WHM -> Tweak Settings, this does not affect the existing accounts. There is a function in the script mentioned below which can do this. Alternately you can simply go here for a one line command
One Script to do it ALL
I have written a script that can perform all functions related to this task.
It can:
- Run a usage report for all cPanel users ( -r )
- Remove mail from the 'Default Address' account
- Either for all ( -a )
- For specific users, listed with spaces between their names (ie: ted bob steve) ( -u )
- For all users except excluded users that are listed (ie: joe mary jon) ( -e )
- Can run in verbose mode, which gives statistical output of each users ( -v )
- Also set ALL domains owned by the selected user(s) (including sub-domains and parks, etc) to :fail: for their catch all
You can obtain this script by:
wget http://scripts.brokenpoet.org/removedefaultmail
then
chmod 700 removedefaultmail
Usage: removedefaultmail [-afrvh] [-u users] or [-e users]
-a remove default mail for all cPanel users
-f set the 'Catch-All' of all users (or selected users) to :fail:
-r generate a user disk usage report
-v verbose output while removing mail
-h display this help output
-u remove default mail only for specified users
-e remove default mail for all users except those noted
Examples
I will try to give some usage examples so that you can know what to expect when this is run with it's various options
Reporting
The reporting function can only be run alone. Not in connection with any other function. Generally I use this before to show them that this is a problem and after to show them that it has been resolved.
removedefaultmail -r
It will return something like this:
User Count Size | From Catch-All : new : cur
-------------------------------------------------------------
aba 1220 15M | 0 : 4.0K : 4.0K
abcd 48942 348M | 47363 : 322M : 4.0K
achkl 21636 108M | 19220 : 89M : 4.0K
aasdl 2610 28M | 0 : 4.0K : 4.0K
alk 2604 20M | 17 : 104K : 4.0K
ajsdf 17101 205M | 126 : 1.2M : 1.1M
art 2484 20M | 20 : 124K : 8.0K
efscr 112 684K | 53 : 272K : 4.0K
erpdd 14800 125M | 15 : 108K : 4.0K
exfdddys 104061 19G | 22815 : 4.0K : 373M
geedddt 33474 242M | 28623 : 91M : 33M
gsdffaq 1065 15M | 32 : 64K : 108K
gafddnt 123838 16G | 35547 : 24M : 230M
itasdf 115838 687M | 112152 : 520M : 516K
locds 17905 254M | 5854 : 21M : 5.6M
mseccsdf 26909 159M | 24128 : 116M : 3.5M
myitg 26901 559M | 20016 : 86M : 3.9M
southsdf 335648 1.8G | 22240 : 111M : 1.3M
sqlasdf 528 5.8M | 0 : 4.0K : 4.0K
stsdf 5545 51M | 0 : 4.0K : 4.0K
tecsdf 10266 87M | 6 : 88K : 20K
tsdf3 40931 293M | 38254 : 2.6M : 266M
visddddn 2419 19M | 11 : 84K : 4.0K
wor87 10387 54M | 9435 : 43M : 1.2M
-------------------------------------------------------------
967224 385927
This report is fairly self explanatory. If run after the removal, then the Catch-All accounts should all be 0 (if all users were selected)
Removal
** When using -e or -u those HAVE to be the last options in the string (followed by the usernames) **
This will depend on how you want to remove things. If you want to simply remove ALL the default mail, run:
removedefaultmail -a
or
removedfaultmail -a -f
In my opinion -f should always be run. Logically what is the point of removing all the default mail and then allowing the Catch-All to still be set to the cPanel username?
The output will resemble this:
removedefaultmail -a
Removing mail from all 'Catch-All' accounts ............ Done
It will keep adding 'progress periods' until it has completed. If there is a lot of mail, it will actually continue on the next line of the terminal.
removedefaultmail -a -f Setting users 'Catch-All' to :fail: Done Removing mail from all 'Catch-All' accounts ........... Done
Basically the same but it lets you know that it is changing the catchalls as well.
Now if you use the -u or -e flags such as:
removedefaultmail -f -u joe steve jon
or
removedefaultmail -f -e mary jonas bubba
The output will essentially look the same but will only perform these functions for the user' specified (or not the users specified in it is -e)
Afterwards it is always a good idea to run a report again just to verify everything worked correctly.
Verbose
Using the verbose flag gives you more output (rather than just a progress bar)
/-----------------------------------------\ | Removing mail from 'Catch-All' accounts | \-----------------------------------------/ aba 0 files abcd 47363 files achkl 19220 files aasdl 0 files alk 17 files ajsdf 126 files art 20 files efscr 53 files erpdd 15 files exfdddys 22815 files geedddt 28623 files gsdffaq 32 files gafddnt 35547 files itasdf 112152 files locds 5854 files mseccsdf 24128 files myitg 20016 files southsdf 22240 files sqlasdf 0 files stsdf 0 files tecsdf 6 files tsdf3 38254 files visddddn 11 files wor87 9435 files ------------------------------------------- total 385927 files
Extras
Some extra things worth noting that were in the old page.
Changing all accounts to :fail:
:fail: is by far the best choice for the server and links to this affect are:
Blackhole or Fail -- Which One is Better For Your Mail Server
and
Now, to change all existing accounts to :fail: you should:
cd /etc/valiases for file in $(grep -lr -e '*:' .); do sed 's/\*\:.*/\*\:\ \:fail\:\ No\ Such\ User\ Here/g' $file > $file.tmp; cat $file.tmp > $file;rm -f $file.tmp;done
Important Points to relay to the customer
- Having MANY files creates HIGH IO Wait (which can be seen using sar) which severely impacts server performance.
- This is usually all spam, but in some cases may not be
- If they are uncertain of whether or not the mail IS spam, they can use the WHM 'Mail all Users' function to relay the sitation to their users. This way they are sure that they are not using these addresses.
- Make SURE that you are NOT guaranteeing that this is all spam.
- Make sure they understand that once it is removed, it is gone.
- Always send the report to the customer initially to backup your info.
- Always follow up with a report as well
