How to clear the Exim mail queue using ssh

Sometimes if an account on your server is compromised the Exim mail queue will quickly fill up with thousands of spam emails. The Exim queue will start to slow the server down until eventually, the server will fall over due to the huge processing power required to service the queue.

You can clear the Exim queue in a number of ways but if there are thousands of emails waiting to be processed in the queue the best way is using ssh. If you try to use a graphical way to clear the Exim queue like the interface in WHM it’s possible you could crash the server so we always advise using ssh. If you do not address the problem, the emails will keep building up in the queue and eventually, the server will stop working. After the queue is clear you should secure the server or any account that has been compromised.

As the root user or a user with root privileges login to your server and issue the below command

exim -bp | awk '/^ *[0-9]+[mhd]/{print "exim -Mrm " $3}' | bash

You should follow our guide on Compromised accounts to find out which account is sending the spam emails and suspend it as soon as you have run the above command to clear the queue. If you don’t the mail queue will just fill up again.

