Gecko [ christianhealingcodes.com ]

Name	Size	Permission	Date
cpan_sandbox	[ DIR ]	drwxr-xr-x	2021-01-07 20:20
php_sandbox	[ DIR ]	drwxr-xr-x	2021-01-07 20:20
MirrorSearch_pingtest	2.38 KB	-rwxr-xr-x	2022-03-31 04:35
activesync-invite-reply	1.69 KB	-rwxr-xr-x	2022-03-31 04:35
add_dns	2.36 KB	-rwxr-xr-x	2022-03-31 04:35
adddns	2.36 KB	-rwxr-xr-x	2022-03-31 04:35
addpop	6.08 KB	-rwxr-xr-x	2022-03-31 04:35
addsystemuser	3.27 KB	-rwxr-xr-x	2022-03-31 04:35
adduser	92 B	-rwxr-xr-x	2021-01-07 20:20
apachelimits	4.31 KB	-rwxr-xr-x	2022-03-31 04:35
archive_sync_zones	3.02 KB	-rwxr-xr-x	2022-03-31 04:35
auto-adjust-mysql-limits	1.81 KB	-rwxr-xr-x	2022-03-31 04:35
autorepair	1.24 KB	-rwxr-xr-x	2022-03-31 04:35
backup_jobs_helper	8.03 KB	-rwxr-xr-x	2026-02-17 18:27
backups_clean_metadata_for_missing_backups	1.57 KB	-rwxr-xr-x	2022-03-31 04:35
backups_create_metadata	15.75 KB	-rwxr-xr-x	2022-03-31 04:35
backups_list_user_files	4.56 KB	-rwxr-xr-x	2022-03-31 04:35
balance_linked_node_quotas	2.58 KB	-rwxr-xr-x	2022-03-31 04:35
biglogcheck	1.69 KB	-rwxr-xr-x	2022-03-31 04:35
build_bandwidthdb_root_cache_in_background	1.52 KB	-rwxr-xr-x	2022-03-31 04:35
build_cpnat	3.41 KB	-rwxr-xr-x	2022-03-31 04:35
build_mail_sni	3.87 KB	-rwxr-xr-x	2022-09-15 04:35
build_maxemails_config	1.14 KB	-rwxr-xr-x	2022-03-31 04:35
builddovecotconf	6.76 KB	-rwxr-xr-x	2022-03-31 04:35
buildeximconf	7 KB	-rwxr-xr-x	2023-02-21 05:35
buildhttpdconf	2.6 KB	-rwxr-xr-x	2022-03-31 04:35
buildnsdconf	1.01 KB	-rwxr-xr-x	2022-03-31 04:35
buildpureftproot	539 B	-rwxr-xr-x	2022-03-31 04:35
call_pkgacct	2.17 KB	-rwxr-xr-x	2026-02-17 18:27
ccs-check	4.91 KB	-rwxr-xr-x	2022-03-31 04:35
check_cpanel_pkgs	10.75 KB	-rwxr-xr-x	2022-03-31 04:35
check_cpanel_rpms	218 B	-rwxr-xr-x	2021-11-30 05:35
check_domain_tls_service_domains.pl	6.68 KB	-rwxr-xr-x	2022-03-31 04:35
check_immutable_files	5.49 KB	-rwxr-xr-x	2022-03-31 04:35
check_mail_spamassassin_compiledregexps_body_0	187 B	-rwxr-xr-x	2021-01-07 20:20
check_maxmem_against_domains_count	3.57 KB	-rwxr-xr-x	2022-03-31 04:35
check_mount_procfs	2.02 KB	-rwxr-xr-x	2022-03-31 04:35
check_mysql	5.55 KB	-rwxr-xr-x	2022-09-15 04:35
check_security_advice_changes	8.28 KB	-rwxr-xr-x	2023-02-21 05:35
check_unmonitored_enabled_services	4.56 KB	-rwxr-xr-x	2022-09-15 04:35
check_unreliable_resolvers	3.59 KB	-rwxr-xr-x	2022-03-31 04:35
check_users_my_cnf	6.05 KB	-rwxr-xr-x	2022-03-31 04:35
check_valid_server_hostname	7.66 KB	-rwxr-xr-x	2022-09-15 04:35
checkalldomainsmxs	2.4 KB	-rwxr-xr-x	2022-03-31 04:35
checkbashshell	1.18 KB	-rwxr-xr-x	2022-03-31 04:35
checkccompiler	1.22 KB	-rwxr-xr-x	2022-03-31 04:35
checkexim.pl	3.1 KB	-rwxr-xr-x	2022-03-31 04:35
checklink	1.29 KB	-rwxr-xr-x	2022-03-31 04:35
checknsddirs	1014 B	-rwxr-xr-x	2022-03-31 04:35
checkusers	856 B	-rwxr-xr-x	2022-03-31 04:35
chkmydns	561 B	-rwxr-xr-x	2022-03-31 04:35
chkpaths	141 B	-rwxr-xr-x	2021-01-07 20:20
chpass	416 B	-rwxr-xr-x	2022-03-31 04:35
ckillall	1.11 KB	-rwxr-xr-x	2022-03-31 04:35
clean_dead_mailman_locks	2.09 KB	-rwxr-xr-x	2022-03-31 04:35
clean_up_temp_wheel_users	2.44 KB	-rwxr-xr-x	2022-03-31 04:35
clean_user_php_sessions	4.76 KB	-rwxr-xr-x	2022-08-25 04:35
cleandns	13.09 KB	-rwxr-xr-x	2022-09-15 04:35
cleandns8	417 B	-rwxr-xr-x	2022-03-31 04:35
cleanmsglog	735 B	-rwxr-xr-x	2021-01-07 20:20
cleanphpsessions	932 B	-rwxr-xr-x	2022-03-31 04:35
cleanphpsessions.php	658 B	-rw-r--r--	2022-08-16 04:35
cleanquotas	1.61 KB	-rwxr-xr-x	2022-03-31 04:35
cleansessions	5.91 KB	-rwxr-xr-x	2023-04-17 04:35
cleanupinterchange	2.64 KB	-rwxr-xr-x	2022-03-31 04:35
cleanupmysqlprivs	533 B	-rwxr-xr-x	2021-11-30 05:35
clear_cpaddon_ui_caches	1.27 KB	-rwxr-xr-x	2022-03-31 04:35
clear_orphaned_virtfs_mounts	3.56 KB	-rwxr-xr-x	2022-03-31 04:35
comet_license_registration_sync	1.75 KB	-rwxr-xr-x	2026-02-17 18:27
comet_protected_item_maintenance	20.7 KB	-rwxr-xr-x	2026-02-17 18:27
comparecdb	1.52 KB	-rwxr-xr-x	2022-03-31 04:35
compilers	2.86 KB	-rwxr-xr-x	2022-03-31 04:35
compilerscheck	999 B	-rwxr-xr-x	2022-03-31 04:35
configure_firewall_for_cpanel	520 B	-rwxr-xr-x	2022-03-31 04:35
configure_rh_firewall_for_cpanel	520 B	-rwxr-xr-x	2022-03-31 04:35
configure_rh_ipv6_firewall_for_cpanel	520 B	-rwxr-xr-x	2022-03-31 04:35
convert2dovecot	682 B	-rwxr-xr-x	2022-03-31 04:35
convert_accesshash_to_token	4.07 KB	-rwxr-xr-x	2022-03-31 04:35
convert_and_migrate_from_legacy_backup	1.97 KB	-rwxr-xr-x	2022-03-31 04:35
convert_maildir_to_mdbox	1.66 KB	-rwxr-xr-x	2022-03-31 04:35
convert_mdbox_to_maildir	1.66 KB	-rwxr-xr-x	2022-03-31 04:35
convert_roundcube_mysql2sqlite	25.28 KB	-rwxr-xr-x	2024-11-05 05:35
convert_to_dovecot_delivery	4.33 KB	-rwxr-xr-x	2022-03-31 04:35
convert_whmxfer_to_sqlite	1.46 KB	-rwxr-xr-x	2022-03-31 04:35
copy_user_mail_as_root	1.25 KB	-rwxr-xr-x	2022-03-31 04:35
copy_user_mail_as_user	1.34 KB	-rwxr-xr-x	2022-03-31 04:35
cpaddonsup	3.25 KB	-rwxr-xr-x	2022-03-31 04:35
cpan_config	2.8 KB	-rwxr-xr-x	2022-03-31 04:35
cpanel_initial_install	67.36 KB	-rwxr-xr-x	2024-04-16 04:35
cpanelsync	28.31 KB	-rwxr-xr-x	2022-03-31 04:35
cpanelsync_postprocessor	1.62 KB	-rwxr-xr-x	2022-03-31 04:35
cpanpingtest	965 B	-rwxr-xr-x	2022-03-31 04:35
cpbackup	44.77 KB	-rwxr-xr-x	2022-09-15 04:35
cpbackup_transport_file	5.65 KB	-rwxr-xr-x	2023-02-21 05:35
cpdig	1.81 KB	-rwxr-xr-x	2022-03-31 04:35
cpfetch	1.23 KB	-rwxr-xr-x	2022-03-31 04:35
cphulkdblacklist	433 B	-rwxr-xr-x	2022-03-31 04:35
cphulkdwhitelist	1.3 KB	-rwxr-xr-x	2022-03-31 04:35
cpservice	2.87 KB	-rwxr-xr-x	2022-03-31 04:35
cpuser_port_authority	19.29 KB	-rwxr-xr-x	2022-03-31 04:35
cpuser_service_manager	10.85 KB	-rwxr-xr-x	2022-09-15 04:35
create_default_featurelist	11.62 KB	-rwx------	2026-03-03 18:34
createacct	24.59 MB	-rwx------	2026-03-11 04:35
custom_backup_destination.pl.sample	5.06 KB	-rwxr-xr-x	2022-09-15 04:35
custom_backup_destination.pl.skeleton	2.84 KB	-rwxr-xr-x	2022-03-31 04:35
dav_change_hostname	3.57 KB	-rwxr-xr-x	2022-03-31 04:35
dcpumon-wrapper	850 B	-rwxr-xr-x	2022-03-31 04:35
delpop	6.2 KB	-rwxr-xr-x	2022-03-31 04:35
detect_env_capabilities	508 B	-rwxr-xr-x	2022-03-31 04:35
disable_prelink	2.77 KB	-rwxr-xr-x	2022-03-31 04:35
disable_sqloptimizer	1.49 KB	-rwxr-xr-x	2022-03-31 04:35
disablefileprotect	2.09 KB	-rwxr-xr-x	2022-03-31 04:35
distro_changed_hook	1.16 KB	-rwxr-xr-x	2022-03-31 04:35
dnscluster	4.44 KB	-rwxr-xr-x	2022-03-31 04:35
dnsqueuecron	1.29 KB	-rwxr-xr-x	2022-03-31 04:35
dnssec-cluster-keys	3.75 KB	-rwxr-xr-x	2022-03-31 04:35
dovecot_maintenance	7.93 KB	-rwxr-xr-x	2022-03-31 04:35
dovecot_set_defaults.pl	984 B	-rwxr-xr-x	2022-03-31 04:35
dumpcdb	866 B	-rwxr-xr-x	2022-03-31 04:35
dumpinodes	687 B	-rwxr-xr-x	2022-03-31 04:35
dumpquotas	616 B	-rwxr-xr-x	2022-03-31 04:35
dumpstor	913 B	-rwxr-xr-x	2022-03-31 04:35
ea4_fresh_install	2.64 KB	-rwxr-xr-x	2022-03-31 04:35
edit_cpanelsync_exclude_list	2.58 KB	-rwxr-xr-x	2022-03-31 04:35
editquota	3.44 KB	-rwxr-xr-x	2022-03-31 04:35
elevate-cpanel	252.8 KB	-rwx------	2024-05-10 04:35
email_archive_maintenance	6.15 KB	-rwxr-xr-x	2022-03-31 04:35
email_hold_maintenance	1.46 KB	-rwxr-xr-x	2022-03-31 04:35
enable_spf_dkim_globally	8.83 KB	-rwxr-xr-x	2022-03-31 04:35
enable_sqloptimizer	1.57 KB	-rwxr-xr-x	2022-03-31 04:35
enablefileprotect	2.1 KB	-rwxr-xr-x	2022-03-31 04:35
ensure_autoenabled_features	2.5 MB	-rwx------	2026-03-11 04:35
ensure_conf_dir_crt_key	4.82 KB	-rwxr-xr-x	2022-03-31 04:35
ensure_cpuser_file_ip	2.55 KB	-rwxr-xr-x	2022-03-31 04:35
ensure_crontab_permissions	1.08 KB	-rwxr-xr-x	2022-03-31 04:35
ensure_dovecot_memory_limits_meet_minimum	3.13 KB	-rwxr-xr-x	2022-03-31 04:35
ensure_hostname_resolves	2.38 KB	-rwxr-xr-x	2025-03-27 04:35
ensure_includes	601 B	-rwxr-xr-x	2022-03-31 04:35
ensure_vhost_includes	13.53 KB	-rwxr-xr-x	2022-03-31 04:35
exim_tidydb	2.96 KB	-rwxr-xr-x	2022-03-31 04:35
eximconfgen	1.32 KB	-rwxr-xr-x	2022-03-31 04:35
eximstats_spam_check	867 B	-rwxr-xr-x	2022-03-31 04:35
export_horde_calendars_to_ics	15.07 KB	-rwxr-xr-x	2023-08-01 04:35
export_horde_contacts_to_vcf	13.94 KB	-rwxr-xr-x	2023-05-02 04:35
exportmydnsdb	3.47 KB	-rwxr-xr-x	2022-03-31 04:35
expunge_expired_certificates_from_sslstorage	3.56 KB	-rwxr-xr-x	2022-03-31 04:35
expunge_expired_pkgacct_sessions	852 B	-rwxr-xr-x	2022-03-31 04:35
expunge_expired_transfer_sessions	1.06 KB	-rwxr-xr-x	2022-03-31 04:35
fastmail	5.16 KB	-rwxr-xr-x	2022-03-31 04:35
featuremod	1.92 KB	-rwxr-xr-x	2022-03-31 04:35
fetchfile	422 B	-rwxr-xr-x	2022-03-31 04:35
find_and_fix_rpm_issues	6.99 KB	-rwxr-xr-x	2022-03-31 04:35
find_outdated_services	5.41 KB	-rwxr-xr-x	2023-05-31 04:35
find_pids_with_inotify_watch_on_path	3.66 KB	-rwxr-xr-x	2022-03-31 04:35
fix-cpanel-perl	28.82 KB	-rwxr-xr-x	2025-10-17 04:35
fix-listen-on-localhost	3.52 KB	-rwxr-xr-x	2022-03-31 04:35
fix-web-vhost-configuration	6.15 KB	-rwxr-xr-x	2022-03-31 04:35
fix_addon_permissions	7.68 KB	-rwxr-xr-x	2022-03-31 04:35
fix_dns_zone_ttls	1.34 KB	-rwxr-xr-x	2022-03-31 04:35
fix_innodb_tables	4.05 KB	-rwxr-xr-x	2022-03-31 04:35
fix_pear_registry	4.07 KB	-rwxr-xr-x	2022-03-31 04:35
fix_reseller_acls	10.88 KB	-rwxr-xr-x	2022-03-31 04:35
fixetchosts	4.32 KB	-rwxr-xr-x	2022-03-31 04:35
fixheaders	572 B	-rwxr-xr-x	2022-03-31 04:35
fixmailinglistperms	1008 B	-rwxr-xr-x	2022-03-31 04:35
fixmailman	2.09 KB	-rwxr-xr-x	2022-03-31 04:35
fixnamedviews	1.22 KB	-rwxr-xr-x	2022-03-31 04:35
fixndc	413 B	-rwxr-xr-x	2022-03-31 04:35
fixquotas	17.45 KB	-rwxr-xr-x	2023-04-17 04:35
fixrelayd	1.74 KB	-rwxr-xr-x	2022-03-31 04:35
fixrndc	16.48 KB	-rwxr-xr-x	2022-03-31 04:35
fixtar	503 B	-rwxr-xr-x	2022-03-31 04:35
fixtlsversions	4.7 KB	-rwxr-xr-x	2022-03-31 04:35
fixvaliases	2 KB	-rwxr-xr-x	2022-03-31 04:35
fixwebalizer	966 B	-rwxr-xr-x	2022-03-31 04:35
forcelocaldomain	895 B	-rwxr-xr-x	2022-03-31 04:35
ftpfetch	2.2 KB	-rwxr-xr-x	2021-01-07 20:20
ftpquotacheck	8.31 KB	-rwxr-xr-x	2022-03-31 04:35
ftpsfetch	2.36 KB	-rwxr-xr-x	2021-01-07 20:20
ftpupdate	261 B	-rwxr-xr-x	2021-01-07 20:20
gather_update_log_stats	4.25 KB	-rwx------	2026-03-04 22:46
gather_update_logs_setupcrontab	5.45 KB	-rwx------	2026-03-04 22:46
gemwrapper	1.74 KB	-rwxr-xr-x	2022-03-31 04:35
gencrt	6.26 KB	-rwxr-xr-x	2022-03-31 04:35
generate_account_suspension_include	5.7 KB	-rwxr-xr-x	2022-03-31 04:35
generate_google_drive_credentials	1.11 KB	-rwxr-xr-x	2022-03-31 04:35
generate_google_drive_oauth_uri	984 B	-rwxr-xr-x	2022-03-31 04:35
generate_maildirsize	13.94 KB	-rwxr-xr-x	2023-02-21 05:35
gensysinfo	1.16 KB	-rwxr-xr-x	2022-03-31 04:35
get_locale_from_legacy_name_info	1.99 KB	-rwxr-xr-x	2022-03-31 04:35
getremotecpmove	12.67 KB	-rwxr-xr-x	2022-09-15 04:35
grpck	1.19 KB	-rwxr-xr-x	2022-03-31 04:35
hackcheck	3.02 KB	-rwxr-xr-x	2022-03-31 04:35
hook	1.45 KB	-rwxr-xr-x	2022-03-31 04:35
httpspamdetect	2.66 KB	-rwxr-xr-x	2022-03-31 04:35
hulk-unban-ip	3.93 MB	-rwx------	2026-03-11 04:35
import_exim_data	8.39 KB	-rwxr-xr-x	2022-09-15 04:35
importmydnsdb	11.34 KB	-rwxr-xr-x	2022-03-31 04:35
increase_filesystem_limits	891 B	-rwxr-xr-x	2022-03-31 04:35
initacls	4.99 KB	-rwxr-xr-x	2022-03-31 04:35
initfpsuexec	444 B	-rwxr-xr-x	2022-03-31 04:35
initquotas	19.47 KB	-rwxr-xr-x	2022-03-31 04:35
initsuexec	4.03 KB	-rwxr-xr-x	2022-03-31 04:35
install_cpanel_analytics	1.93 KB	-rwxr-xr-x	2023-04-17 04:35
install_dovecot_fts	1.57 KB	-rwxr-xr-x	2022-03-31 04:35
install_plugin	2.8 KB	-rwxr-xr-x	2022-09-15 04:35
install_tuxcare_els_php	1.84 KB	-rwxr-xr-x	2026-01-07 05:35
installpkg	575 B	-rwxr-xr-x	2022-03-31 04:35
installpostgres	6.56 KB	-rwxr-xr-x	2022-03-31 04:35
installsqlite3	1.82 KB	-rwxr-xr-x	2022-03-31 04:35
ipcheck	3.93 KB	-rwxr-xr-x	2022-03-31 04:35
ipusage	7.45 KB	-rwxr-xr-x	2022-03-31 04:35
isdedicatedip	602 B	-rwxr-xr-x	2022-03-31 04:35
jetbackup-check	3.69 KB	-rwxr-xr-x	2022-03-31 04:35
killdns	422 B	-rwxr-xr-x	2022-03-31 04:35
killdns-dnsadmin	1.15 KB	-rwxr-xr-x	2022-03-31 04:35
killmysqluserprivs	433 B	-rwxr-xr-x	2022-03-31 04:35
killmysqlwildcard	1.15 KB	-rwxr-xr-x	2022-03-31 04:35
killpvhost	853 B	-rwxr-xr-x	2022-03-31 04:35
killspamkeys	937 B	-rwxr-xr-x	2022-03-31 04:35
link_3rdparty_binaries	1.24 KB	-rwxr-xr-x	2022-06-27 04:35
linksubemailtomainacct	3.17 KB	-rwxr-xr-x	2022-03-31 04:35
listcheck	538 B	-rwxr-xr-x	2022-03-31 04:35
listsubdomains	1.05 KB	-rwxr-xr-x	2022-03-31 04:35
litespeed-check	3.86 KB	-rwxr-xr-x	2022-03-31 04:35
locale_export	4.82 KB	-rwxr-xr-x	2022-03-31 04:35
locale_import	4.35 KB	-rwxr-xr-x	2022-03-31 04:35
locale_info	3.99 KB	-rwxr-xr-x	2022-03-31 04:35
logo.dat	205 B	-rw-r--r--	2021-01-07 20:20
magicloader	1.94 KB	-rwxr-xr-x	2022-03-31 04:35
maildir_converter	6.08 KB	-rwxr-xr-x	2022-03-31 04:35
mailperm	16.58 KB	-rwxr-xr-x	2022-03-31 04:35
mailscannerupdate	2.42 KB	-rwxr-xr-x	2022-03-31 04:35
mainipcheck	10 KB	-rwxr-xr-x	2022-03-31 04:35
maintenance	47.9 KB	-rwxr-xr-x	2026-03-11 04:35
make_config	407 B	-rw-r--r--	2021-01-07 20:20
make_hostname_unowned	1.16 KB	-rwxr-xr-x	2022-03-31 04:35
manage_extra_marketing	12.76 KB	-rwx------	2026-03-03 18:34
manage_greylisting	16.19 KB	-rwxr-xr-x	2022-09-15 04:35
manage_mysql_profiles	20.02 KB	-rwxr-xr-x	2023-04-17 04:35
migrate-pdns-conf	9.83 KB	-rwxr-xr-x	2024-09-19 04:35
migrate_local_ini_to_php_ini	7.41 KB	-rwxr-xr-x	2022-03-31 04:35
migrate_whmtheme_file_to_userdata	2.95 KB	-rwxr-xr-x	2022-03-31 04:35
mkwwwacctconf	2.33 KB	-rwxr-xr-x	2023-02-21 05:35
modify_accounts	4.09 KB	-rwxr-xr-x	2022-09-15 04:35
modify_featurelist	10.31 KB	-rwx------	2026-03-03 18:34
modify_packages	3.65 KB	-rwxr-xr-x	2022-09-15 04:35
modsec_vendor	15.63 KB	-rwxr-xr-x	2022-03-31 04:35
mysqlconnectioncheck	6.55 KB	-rwxr-xr-x	2022-03-31 04:35
mysqlpasswd	4.09 KB	-rwxr-xr-x	2022-03-31 04:35
named.ca	1.57 KB	-rw-r--r--	2021-01-07 20:20
named.rfc1912.zones	774 B	-rw-r--r--	2021-01-07 20:20
nixstatsagent.sh	58.67 KB	-rwx------	2022-07-06 14:06
notify_expiring_certificates	9.37 KB	-rwxr-xr-x	2022-06-27 04:35
notify_expiring_certificates_on_linked_nodes	1.33 KB	-rwxr-xr-x	2022-09-15 04:35
oopscheck	1.12 KB	-rwxr-xr-x	2022-03-31 04:35
optimize_eximstats	3.88 KB	-rwxr-xr-x	2022-03-31 04:35
patch_mail_spamassassin_compiledregexps_body_0	2.39 KB	-rwxr-xr-x	2022-03-31 04:35
patchfdsetsize	2.72 KB	-rwxr-xr-x	2022-03-31 04:35
pedquota	2.26 KB	-rwxr-xr-x	2022-03-31 04:35
perform_sqlite_auto_rebuild_db_maintenance	2.2 KB	-rwxr-xr-x	2022-03-31 04:35
perlinstaller	528 B	-rwxr-xr-x	2022-03-31 04:35
perlmods	1.18 KB	-rwxr-xr-x	2022-03-31 04:35
php_fpm_config	9.73 KB	-rwxr-xr-x	2022-03-31 04:35
phpini_tidy	687 B	-rwxr-xr-x	2022-03-31 04:35
pkgacct	88.56 KB	-rwxr-xr-x	2026-02-04 05:35
plbake	857 B	-rwx------	2019-03-06 15:42
post_snapshot	3.16 KB	-rwxr-xr-x	2023-02-21 05:35
post_sync_cleanup	6.09 KB	-rwxr-xr-x	2022-03-31 04:35
postupcp	107 B	-rwxr-xr-x	2025-07-02 04:35
primary_virtual_host_migration	2.44 KB	-rwxr-xr-x	2022-03-31 04:35
process_cpmove	4.23 KB	-rwxr-xr-x	2026-02-17 18:27
process_pending_cpanel_php_pear_registration	3.49 KB	-rwxr-xr-x	2022-03-31 04:35
process_site_templates	7.27 KB	-rwxr-xr-x	2022-03-31 04:35
proxydomains	9.34 KB	-rwxr-xr-x	2022-03-31 04:35
ptycheck	724 B	-rwxr-xr-x	2022-03-31 04:35
purge_modsec_log	1.53 KB	-rwxr-xr-x	2022-03-31 04:35
purge_old_config_caches	2.08 KB	-rwxr-xr-x	2022-03-31 04:35
pwck	708 B	-rwxr-xr-x	2022-03-31 04:35
quickdnslookup	1.13 KB	-rwxr-xr-x	2022-03-31 04:35
quickwhoisips	2.29 KB	-rwxr-xr-x	2022-09-15 04:35
quota_auto_fix	1.41 KB	-rwxr-xr-x	2022-03-31 04:35
quotacheck	22.36 KB	-rwxr-xr-x	2022-09-15 04:35
rawchpass	460 B	-rwxr-xr-x	2022-03-31 04:35
rdate	4.8 KB	-rwxr-xr-x	2022-09-15 04:35
realadduser	5.61 KB	-rwxr-xr-x	2022-03-31 04:35
realchpass	3.26 KB	-rwxr-xr-x	2022-03-31 04:35
realperlinstaller	5.67 KB	-rwxr-xr-x	2022-03-31 04:35
realrawchpass	425 B	-rwxr-xr-x	2022-03-31 04:35
rebuild_available_addons_packages_cache	1.27 KB	-rwxr-xr-x	2022-03-31 04:35
rebuild_available_rpm_addons_cache	1.27 KB	-rwxr-xr-x	2022-03-31 04:35
rebuild_bandwidthdb_root_cache	1.45 KB	-rwxr-xr-x	2022-03-31 04:35
rebuild_dbmap	5.8 KB	-rwxr-xr-x	2022-03-31 04:35
rebuild_provider_openid_connect_links_db	1.01 KB	-rwxr-xr-x	2022-03-31 04:35
rebuild_whm_chrome	2.22 KB	-rwxr-xr-x	2022-03-31 04:35
rebuilddnsconfig	26.21 KB	-rwxr-xr-x	2022-03-31 04:35
rebuildhttpdconf	2.6 KB	-rwxr-xr-x	2022-03-31 04:35
rebuildinstalledssldb	2.85 KB	-rwxr-xr-x	2022-03-31 04:35
rebuildippool	509 B	-rwxr-xr-x	2022-03-31 04:35
rebuildnsdzones	1.14 KB	-rwxr-xr-x	2022-03-31 04:35
rebuilduserssldb	948 B	-rwxr-xr-x	2022-03-31 04:35
refresh-dkim-validity-cache	5.97 KB	-rwxr-xr-x	2022-03-31 04:35
regenerate_tokens	2.18 KB	-rwxr-xr-x	2022-09-15 04:35
reloadnsd	821 B	-rwxr-xr-x	2022-03-31 04:35
remote_log_transfer	11.6 KB	-rwxr-xr-x	2023-02-21 05:35
remove_dovecot_index_files	5.89 KB	-rwxr-xr-x	2022-03-31 04:35
removeacct	20.92 MB	-rwx------	2026-03-11 04:35
rescan_user_dovecot_fts	2.98 KB	-rwxr-xr-x	2022-03-31 04:35
reset_mail_quotas_to_sane_values	6.82 KB	-rwxr-xr-x	2022-03-31 04:35
resetmailmanurls	2.03 KB	-rwxr-xr-x	2022-03-31 04:35
resetquotas	4.68 KB	-rwxr-xr-x	2022-03-31 04:35
restartsrv	3.23 KB	-rwxr-xr-x	2022-03-31 04:35
restartsrv_apache	422 B	-rwxr-xr-x	2022-03-31 04:35
restartsrv_apache_php_fpm	9.9 MB	-rwxr-xr-x	2026-03-11 04:35
restartsrv_base	9.9 MB	-rwxr-xr-x	2026-03-11 04:35
restartsrv_bind	9.9 MB	-rwxr-xr-x	2026-03-11 04:35
restartsrv_chkservd	427 B	-rwxr-xr-x	2022-03-31 04:35
restartsrv_clamd	9.9 MB	-rwxr-xr-x	2026-03-11 04:35
restartsrv_cpanalyticsd	9.9 MB	-rwxr-xr-x	2026-03-11 04:35
restartsrv_cpanel_dovecot_solr	9.9 MB	-rwxr-xr-x	2026-03-11 04:35
restartsrv_cpanel_php_fpm	9.9 MB	-rwxr-xr-x	2026-03-11 04:35
restartsrv_cpanellogd	9.9 MB	-rwxr-xr-x	2026-03-11 04:35
restartsrv_cpdavd	9.9 MB	-rwxr-xr-x	2026-03-11 04:35
restartsrv_cpgreylistd	9.9 MB	-rwxr-xr-x	2026-03-11 04:35
restartsrv_cphulkd	9.9 MB	-rwxr-xr-x	2026-03-11 04:35
restartsrv_cpipv6	9.9 MB	-rwxr-xr-x	2026-03-11 04:35
restartsrv_cpsrvd	9.9 MB	-rwxr-xr-x	2026-03-11 04:35
restartsrv_crond	9.9 MB	-rwxr-xr-x	2026-03-11 04:35
restartsrv_dnsadmin	9.9 MB	-rwxr-xr-x	2026-03-11 04:35
restartsrv_dovecot	9.9 MB	-rwxr-xr-x	2026-03-11 04:35
restartsrv_exim	9.9 MB	-rwxr-xr-x	2026-03-11 04:35
restartsrv_eximstats	504 B	-rwxr-xr-x	2022-03-31 04:35
restartsrv_ftpd	426 B	-rwxr-xr-x	2022-03-31 04:35
restartsrv_ftpserver	911 B	-rwxr-xr-x	2022-03-31 04:35
restartsrv_httpd	9.9 MB	-rwxr-xr-x	2026-03-11 04:35
restartsrv_imap	437 B	-rwxr-xr-x	2022-03-31 04:35
restartsrv_inetd	2.47 KB	-rwxr-xr-x	2022-09-15 04:35
restartsrv_ipaliases	9.9 MB	-rwxr-xr-x	2026-03-11 04:35
restartsrv_lmtp	437 B	-rwxr-xr-x	2022-03-31 04:35
restartsrv_mailman	9.9 MB	-rwxr-xr-x	2026-03-11 04:35
restartsrv_mydns	9.9 MB	-rwxr-xr-x	2026-03-11 04:35
restartsrv_mysql	9.9 MB	-rwxr-xr-x	2026-03-11 04:35
restartsrv_named	777 B	-rwxr-xr-x	2022-03-31 04:35
restartsrv_nscd	9.9 MB	-rwxr-xr-x	2026-03-11 04:35
restartsrv_nsd	9.9 MB	-rwxr-xr-x	2026-03-11 04:35
restartsrv_p0f	9.9 MB	-rwxr-xr-x	2026-03-11 04:35
restartsrv_pdns	9.9 MB	-rwxr-xr-x	2026-03-11 04:35
restartsrv_pop3	437 B	-rwxr-xr-x	2022-03-31 04:35
restartsrv_postgres	427 B	-rwxr-xr-x	2022-03-31 04:35
restartsrv_postgresql	9.9 MB	-rwxr-xr-x	2026-03-11 04:35
restartsrv_powerdns	442 B	-rwxr-xr-x	2022-03-31 04:35
restartsrv_proftpd	9.9 MB	-rwxr-xr-x	2026-03-11 04:35
restartsrv_pureftpd	9.9 MB	-rwxr-xr-x	2026-03-11 04:35
restartsrv_queueprocd	9.9 MB	-rwxr-xr-x	2026-03-11 04:35
restartsrv_rsyslog	9.9 MB	-rwxr-xr-x	2026-03-11 04:35
restartsrv_rsyslogd	437 B	-rwxr-xr-x	2022-03-31 04:35
restartsrv_spamd	9.9 MB	-rwxr-xr-x	2026-03-11 04:35
restartsrv_sshd	9.9 MB	-rwxr-xr-x	2026-03-11 04:35
restartsrv_syslogd	2.4 KB	-rwxr-xr-x	2022-06-27 04:35
restartsrv_tailwatchd	9.9 MB	-rwxr-xr-x	2026-03-11 04:35
restartsrv_unknown	9.9 MB	-rwxr-xr-x	2026-03-11 04:35
restartsrv_xinetd	422 B	-rwxr-xr-x	2022-03-31 04:35
restorecpuserfromcache	1.96 KB	-rwxr-xr-x	2022-03-31 04:35
restorepkg	36.93 MB	-rwx------	2026-03-24 04:35
rfc1912_zones.tar	10 KB	-rw-r--r--	2021-01-07 20:20
rpmup	4.77 KB	-rwxr-xr-x	2022-03-31 04:35
rsync-user-homedir.pl	5.76 KB	-rwxr-xr-x	2022-03-31 04:35
run_if_exists	512 B	-rwxr-xr-x	2022-03-31 04:35
run_plugin_lifecycle	3.72 KB	-rwx------	2026-03-03 18:34
runstatsonce	440 B	-rwxr-xr-x	2022-03-31 04:35
runweblogs	1.02 KB	-rwxr-xr-x	2022-03-31 04:35
sa-update_wrapper	3.34 KB	-rwxr-xr-x	2022-03-31 04:35
safetybits.pl	844 B	-rwxr-xr-x	2022-03-31 04:35
secureit	4.72 KB	-rwxr-xr-x	2022-03-31 04:35
securemysql	4.54 KB	-rwxr-xr-x	2022-03-31 04:35
securerailsapps	3.58 KB	-rwxr-xr-x	2022-03-31 04:35
securetmp	15.99 KB	-rwxr-xr-x	2023-08-01 04:35
sendicq	474 B	-rwxr-xr-x	2022-03-31 04:35
servicedomains	9.34 KB	-rwxr-xr-x	2022-03-31 04:35
set_mailman_archive_perms	1.75 KB	-rwxr-xr-x	2022-03-31 04:35
set_php_memory_limits	3.67 KB	-rwxr-xr-x	2022-03-31 04:35
setpostgresconfig	6.04 KB	-rwxr-xr-x	2022-03-31 04:35
setup_greylist_db	16.19 KB	-rwxr-xr-x	2022-09-15 04:35
setup_modsec_db	1.3 KB	-rwxr-xr-x	2022-03-31 04:35
setup_systemd_timer_for_plugins	3.92 KB	-rwx------	2026-03-03 18:34
setupftpserver	10.47 KB	-rwxr-xr-x	2022-03-31 04:35
setupmailserver	9.55 KB	-rwxr-xr-x	2022-03-31 04:35
setupnameserver	13.75 KB	-rwxr-xr-x	2022-09-15 04:35
shrink_modsec_ip_database	12.97 KB	-rwxr-xr-x	2022-03-31 04:35
simpleps	3.05 KB	-rwxr-xr-x	2022-03-31 04:35
slurp_exim_mainlog	5.78 KB	-rwxr-xr-x	2022-03-31 04:35
smartcheck	15.13 KB	-rwxr-xr-x	2022-03-31 04:35
smtpmailgidonly	8.15 KB	-rwxr-xr-x	2023-02-21 05:35
snapshot_prep	5.88 KB	-rwxr-xr-x	2023-02-21 05:36
spamassassin_dbm_cleaner	5.85 KB	-rwxr-xr-x	2022-09-15 04:35
spamassassindisable	3.74 KB	-rwxr-xr-x	2022-09-15 04:35
spamboxdisable	2.27 KB	-rwxr-xr-x	2022-09-15 04:35
spamfu.sh	20.61 KB	-rwxr-xr-x	2019-07-02 20:08
sshcontrol	14.38 KB	-rwxr-xr-x	2022-03-31 04:35
ssl_crt_status	3.84 KB	-rwxr-xr-x	2022-03-31 04:35
suspendacct	18.01 KB	-rwxr-xr-x	2023-04-17 04:35
suspendmysqlusers	4.42 KB	-rwxr-xr-x	2022-03-31 04:35
swapip	3.82 KB	-rwxr-xr-x	2022-03-31 04:35
sync-mysql-users-from-grants	1.2 KB	-rwxr-xr-x	2022-03-31 04:35
sync_child_accounts	1.77 KB	-rwxr-xr-x	2022-03-31 04:35
sync_contact_emails_to_cpanel_users_files	1.14 KB	-rwxr-xr-x	2022-09-15 04:35
synccpaddonswithsqlhost	6.59 KB	-rwxr-xr-x	2022-03-31 04:35
synctransfers	1.92 KB	-rwxr-xr-x	2022-03-31 04:35
syslog_check	1.36 KB	-rwxr-xr-x	2022-03-31 04:35
sysup	645 B	-rwxr-xr-x	2022-03-31 04:35
test_sa_compiled	1.07 KB	-rwxr-xr-x	2022-03-31 04:35
transfer_account_as_user	2.34 KB	-rwxr-xr-x	2022-03-31 04:35
transfer_accounts_as_root	4.76 KB	-rwxr-xr-x	2022-03-31 04:35
transfer_in_progress	3.08 KB	-rwxr-xr-x	2022-03-31 04:35
transfer_in_progress.pod	312 B	-rw-r--r--	2021-01-07 20:20
transfermysqlusers	9.55 MB	-rwx------	2026-03-11 04:35
try-later	7.95 KB	-rwxr-xr-x	2022-03-31 04:35
unblockip	667 B	-rwxr-xr-x	2022-03-31 04:35
uninstall_cpanel_analytics	1.2 KB	-rwxr-xr-x	2022-03-31 04:35
uninstall_dovecot_fts	562 B	-rwxr-xr-x	2022-03-31 04:35
uninstall_plugin	2.84 KB	-rwxr-xr-x	2022-09-15 04:35
unlink_service_account	2.62 KB	-rwxr-xr-x	2022-03-31 04:35
unpkgacct	4.6 KB	-rwxr-xr-x	2022-03-31 04:35
unslavenamedconf	863 B	-rwxr-xr-x	2022-03-31 04:35
unsuspendacct	17.8 KB	-rwxr-xr-x	2023-04-17 04:35
unsuspendmysqlusers	6.71 KB	-rwxr-xr-x	2022-09-15 04:35
upcp	31.56 KB	-rwxr-xr-x	2022-09-15 04:35
upcp-running	2.7 KB	-rwxr-xr-x	2022-03-31 04:35
upcp.static	709.53 KB	-rwxr-xr-x	2026-03-24 04:35
update-packages	4.77 KB	-rwxr-xr-x	2022-03-31 04:35
update_apachectl	480 B	-rwxr-xr-x	2022-03-31 04:35
update_db_cache	430 B	-rwxr-xr-x	2022-03-31 04:35
update_dkim_keys	1.45 KB	-rwxr-xr-x	2022-03-31 04:35
update_exim_rejects	1.21 KB	-rwxr-xr-x	2022-03-31 04:35
update_existing_mail_quotas_for_account	4.78 KB	-rwxr-xr-x	2022-03-31 04:35
update_known_proxy_ips	1002 B	-rwxr-xr-x	2022-03-31 04:35
update_local_rpm_versions	4.56 KB	-rwxr-xr-x	2023-02-21 05:35
update_mailman_cache	8.34 KB	-rwxr-xr-x	2022-03-31 04:35
update_mysql_systemd_config	1.25 KB	-rwxr-xr-x	2022-03-31 04:35
update_neighbor_netblocks	487 B	-rwxr-xr-x	2022-03-31 04:35
update_sa_config	2.14 KB	-rwxr-xr-x	2022-03-31 04:35
update_spamassassin_config	10.73 KB	-rwxr-xr-x	2023-02-21 05:35
update_users_jail	691 B	-rwxr-xr-x	2022-03-31 04:35
update_users_vhosts	801 B	-rwxr-xr-x	2022-03-31 04:35
updatedomainips	605 B	-rwxr-xr-x	2022-03-31 04:35
updatenameserverips	1.66 KB	-rwxr-xr-x	2022-03-31 04:35
updatenow	5.18 KB	-rwxr-xr-x	2022-09-15 04:35
updatenow.static	1.91 MB	-rwxr-xr-x	2026-03-24 04:35
updatesigningkey	1.95 KB	-rwxr-xr-x	2022-03-31 04:35
updatessldomains	1.81 KB	-rwxr-xr-x	2022-03-31 04:35
updatesupportauthorizations	2.49 KB	-rwxr-xr-x	2022-03-31 04:35
updateuserdatacache	2.47 KB	-rwxr-xr-x	2022-03-31 04:35
updateuserdomains	774 B	-rwxr-xr-x	2022-03-31 04:35
upgrade_bandwidth_dbs	2.22 KB	-rwxr-xr-x	2022-03-31 04:35
upgrade_subaccount_databases	2.73 KB	-rwxr-xr-x	2022-03-31 04:35
userdata_wildcard_cleanup	5.74 KB	-rwxr-xr-x	2022-03-31 04:35
userdirctl	5.01 KB	-rwxr-xr-x	2022-03-31 04:35
validate_sshkey_passphrase	1.21 KB	-rwxr-xr-x	2022-03-31 04:35
verify_api_spec_files	757 B	-rwxr-xr-x	2022-03-31 04:35
verify_pidfile	1.96 KB	-rwxr-xr-x	2022-03-31 04:35
verify_vhost_includes	7.34 KB	-rwxr-xr-x	2022-09-15 04:35
vps_optimizer	7.82 KB	-rwxr-xr-x	2022-03-31 04:35
vzzo-fixer	725 B	-rwxr-xr-x	2022-03-31 04:35
whmlogin	2.33 KB	-rwxr-xr-x	2022-03-31 04:35
whoowns	1.13 KB	-rwxr-xr-x	2021-01-07 20:20
wpt_license	6.27 MB	-rwx------	2026-03-11 04:35
wwwacct	24.59 MB	-rwx------	2026-03-11 04:35
wwwacct2	88 B	-rwxr-xr-x	2021-01-07 20:20
xfer_rcube_schema_migrate.pl	2.4 KB	-rwxr-xr-x	2022-03-31 04:35
xfer_rcube_uid_resolver.pl	1.8 KB	-rwxr-xr-x	2022-03-31 04:35
xferpoint	3.13 KB	-rwxr-xr-x	2022-03-31 04:35
xfertool	16.14 KB	-rwxr-xr-x	2023-04-17 04:35
zoneexists	800 B	-rwxr-xr-x	2022-03-31 04:35

Rename

#!/bin/bash
#							   +----+----+----+----+
# 							   |    |    |    |    |
# Author: Mark David Scott Cunningham			   | M  | D  | S  | C  |
# 							   +----+----+----+----+
# Created: 2015-04-23
# Updated: 2018-12-06
#
# Purpose: Automate the process of analyzing exim_mainlog and queue, to locate
#          the usual suspects related to a server sending outbound spam mail.
#

## Exim Cheetsheet
# http://bradthemad.org/tech/notes/exim_cheatsheet.php

# Inspiration from previous work by: mwineland
# With php_maillog functions assisted by: mcarmack

## Exim command line flags and usage
# http://www.exim.org/exim-html-4.50/doc/html/spec_5.html#IX199

## Exim Utilities (help and usage info)
# http://www.exim.org/exim-html-4.50/doc/html/spec_49.html#IX2895

## Exim Log Files (flags and delimiters)
# http://www.exim.org/exim-html-current/doc/html/spec_html/ch-log_files.html

#-----------------------------------------------------------------------------#
## Because /moar/ regex is always better
shopt -s extglob

#-----------------------------------------------------------------------------#
## Workaround for exim logs with binary garbage in them
shopt -s expand_aliases
alias grep='grep -a'

#-----------------------------------------------------------------------------#
## Utility functions, because prettier is better
dash(){ for ((i=1;i<=$1;i++)); do printf $2; done; }
section_header(){ echo -e "\n$1\n$(dash 40 -)"; }

#-----------------------------------------------------------------------------#
## Initializations
LOGFILE="/var/log/exim_mainlog"
PHPLOG=$(grep -h ^mail.log /usr/local/lib/php.ini /opt/cpanel/ea-php*/root/etc/php.ini 2>/dev/null | tr -d '"' | awk '{print $NF}' | sort | uniq | head -1);
QUEUEFILE="/tmp/exim_queue_$(date +%Y.%m.%d_%H.%M)"
l=1; p=0; q=0; full_log=0; fast_mode='';
LINECOUNT='1000000'
RESULTCOUNT='10'
DAYS=''; VERBOSE=0; OUT_LIST=''
L_OUT='LDir LAcct LAuth L-IP LFail LSpoof LBulk LSubj LBnce'
Q_OUT='QSum QAuth QLoc QSpoof QSubj QScript QSend QBnce QFrzn'

#-----------------------------------------------------------------------------#
# Menus for the un-initiated
#-----------------------------------------------------------------------------#
## MAIN MENU BEGIN
main_menu(){
PS3="Enter selection: "; clear
echo -e "$(dash 80 =)\nCurrent Queue: $(exim -bpc)\n$(dash 40 -)\n\nWhat would you like to do?\n$(dash 40 -)"
select OPTION in "Analyze Exim Logs (RUN THIS FIRST)" "Analyze PHP Logs" "Analyze Exim Queue" "Quit"; do
  case $OPTION in

"Analyze Exim Logs (RUN THIS FIRST)")
      log_select_menu "/var/log/exim_mainlog"
      if [[ $l != '0' && -f $LOGFILE && ! $(file -b $LOGFILE) =~ zip ]]; then line_count_menu; fi
      results_prompt $l; break ;;

"Analyze PHP Logs")
      l=0; p=1; q=0; log_select_menu ${PHPLOG};
      if [[ $p != '0' && -f $PHPLOG && ! $(file -b $PHPLOG) =~ zip ]]; then line_count_menu; fi
      results_prompt $p; break;;

"Analyze Exim Queue")
      l=0; q=1; p=0; line_count_menu;
      results_prompt $q; break ;;

"Quit") l=0; q=0; p=0; break ;;

*) echo -e "\nPlease enter a valid option.\n" ;;

esac;
done; clear
}
## MAIN MENU END

#-----------------------------------------------------------------------------#
## Select a log file from what's on the server
log_select_menu(){
  if [[ -f $1 ]]; then
    echo -e "\nWhich file?\n$(dash 40 -)\n$(du -sh ${1}* 2> /dev/null)\n"
    select LOGS in ${1}* "Quit"; do
      case $LOGS in
        "Quit") l=0; q=0; p=0; break ;;
        *) if [[ -f $LOGS ]]; then LOGFILE=$LOGS; PHPLOG=$LOGS; break;
           elif [[ -f ${REPLY} ]]; then LOGFILE=${REPLY}; PHPLOG=${REPLY}; break;
           else echo -e "\nPlease enter a valid option.\n"; fi ;;
      esac
    done;
  else
    echo -e "\nNo logs found. Quitting.\n"; l=0; q=0; p=0;
    read -p "Press [Enter] to continue ..." pause;
  fi
}

#-----------------------------------------------------------------------------#
## Lines to read from the log file
line_count_menu(){
  PS3="Enter selection or linecount: "
  echo -e "\nHow many lines to analyze?\n$(dash 40 -)"
  select LINES in "Last 10,000 lines" "Last 100,000 lines" "Last 1,000,000 lines" "All of it" "Quit"; do
    case $LINES in
      "Quit") l=0; q=0; p=0; break ;;
      "All of it") full_log=1; break ;;
      "Last 10,000 lines") LINECOUNT=10000; break ;;
      "Last 100,000 lines") LINECOUNT=100000; break ;;
      "Last 1,000,000 lines") LINECOUNT=1000000; break ;;
      *) if [[ ${REPLY} =~ [0-9] ]]; then LINECOUNT=${REPLY}; break;
         else echo "Invalid input, using defaults."; break; fi ;;
    esac
  done
}

#-----------------------------------------------------------------------------#
# How many results to show
results_prompt(){
  if [[ $1 != '0' ]]; then
    echo; read -p "How many results do you want? [10]: " NEWCOUNT;
    if [[ -n $NEWCOUNT && $NEWCOUNT =~ [0-9] ]]; then RESULTCOUNT=$NEWCOUNT;
      elif [[ -z $NEWCOUNT ]]; then echo "Continuing with defaults.";
      else echo "Invalid input, using defaults."; fi;
  fi
}

#-----------------------------------------------------------------------------#
# Calculate lines to read if start date is set (-d flag).
date_lookup(){
  if [[ $l == 1 ]]; then DATE=$(date --date="-$DAYS days" +%Y-%m-%d);
    elif [[ $p == 1 ]]; then DATE=$(date --date="-$DAYS days" +"%e %b %Y"); fi

if [[ -n $DAYS ]]; then
    echo -ne "Searching for date: $DATE\r"
    FIRSTLINE=$(grep -n "$DATE" $1 | head -1 | cut -d: -f1)

if [[ -n $FIRSTLINE ]]; then
      LINECOUNT="+${FIRSTLINE}"
    else
      echo "Could not find the desired date in the log, using default 1,000,000 lines."
    fi
  fi
}

#-----------------------------------------------------------------------------#
# Setup how much of the log file to read and how.
set_decomp(){
  # Servername and Current time of Analysis, and exim version
  echo -e "Hostname: $(hostname)\nCur.Date: $(date +'%A, %B %d, %Y -- %Y.%m.%d')\nExim Ver: $($(which exim) --version 2> /dev/null | head -n1)\n"

# Compressed file -- decompress and read whole log
  if [[ $(file -b $1) =~ zip ]]; then
    DECOMP="zcat -f";
    du -sh $1 | awk '{print "Using Log File: "$2,"("$1")"}'
    if [[ $l == 1 ]]; then
      $DECOMP $1 | head -n 1 | awk '{print "First date in log: "$1,$2}'
    elif [[ $p == 1 ]]; then
      $DECOMP $1 | head -n 1000 | perl -pe 's/.*(Date:.*?)\ Ret.*/\1/g' | awk '/Date:/ {print "First date in log: "$2,$3,$4,$5,$6}' | head -1
    fi

# Read full log (uncompressed)
  elif [[ $full_log == 1 ]]; then
    DECOMP="cat";
    du -sh $1 | awk '{print "Using Log File: "$2,"("$1")"}'
    if [[ $l == 1 ]]; then
      head -1 $1 | awk '{print "First date in log: "$1,$2}';
    elif [[ $p == 1 ]]; then
      grep "Date:" $1 | head -1 | perl -pe 's/.*(Date:.*?)\ Ret.*/\1/g' | awk '/Date:/ {print "First date in log: "$2,$3,$4,$5,$6}';
    fi

# Minimize impact on initial scan, using last LINECOUNT lines
  # Search for first date at the start of the LINECOUNT
  elif [[ -z $DAYS ]]; then
    DECOMP="tail -n $LINECOUNT";
    du -sh $1 | awk -v LINES="$LINECOUNT" '{print "Last",LINES,"lines of: "$2,"("$1")"}';
    echo -ne "Searching for first date  . . . \r"
    if [[ $l == 1 ]]; then
      tac $1 | head -n $LINECOUNT | tail -n 1 | awk '{print "First date found: "$1,$2}'
    elif [[ $p == 1 ]]; then
      tac $1 | head -n $LINECOUNT | tail -n 1000 | perl -pe 's/.*(Date:.*?)\ Ret.*/\1/g' | awk '/^Date:/ {print "First date found: "$2,$3,$4,$5,$6}' | tail -1
    fi

# Use speficied date as starting point
  elif [[ -n $DAYS ]]; then
    DECOMP="tail -n $LINECOUNT";
    du -sh $1 | awk -v LINES="$LINECOUNT" '{print "Last",LINES,"lines of: "$2,"("$1")"}';
    echo "Starting with specified date: $DATE"
  fi

# If log is not compressed, read the last date from the file
  if [[ ! $(file -b $1) =~ zip ]]; then
    if [[ $l == 1 ]]; then
      tail -n 1 $1 | awk '{print "Last date in log: "$1,$2}'
    elif [[ $p == 1 ]]; then
      tail -n 1000 $1 | perl -pe 's/.*(Date:.*?)\ Ret.*/\1/g' | awk '/Date:/ {print "Last date in log: "$2,$3,$4,$5,$6}' | tail -1
    fi
  fi
}

#-----------------------------------------------------------------------------#
# Process commandline flags
arg_parse(){
  local OPTIND;
  while getopts ac:d:f:Fhn:o:pqv OPTIONS; do
    case "${OPTIONS}" in
      a) full_log=1 ;;
      c) LINECOUNT=${OPTARG} ;;
      d) DAYS=${OPTARG} ;;
      f) LOGFILE=${OPTARG}; QUEUEFILE=${OPTARG}; PHPLOG=${OPTARG} ;; # Specify a log/queue file
      F) fast_mode=1 ;;
      n) RESULTCOUNT=${OPTARG} ;;
      o) OUT_LIST=$(echo ${OPTARG} | sed 's/,/ /g') ;;
      p) l=0; p=1; q=0 ;; # PHP log
      q) l=0; q=1; p=0 ;; # Analyze queue instead of log
      v) VERBOSE=1 ;; # Debugging Output
      h) l=0; q=0; p=0;
         echo -e "\nUsage: $0 [OPTIONS]\n
    -a ... Read full log (instead of last 1M lines)
    -c ... <#lines> to read from the end of the log
    -d ... <#days> back to read in the log (calculates linecount)
    -f ... </path/to/logfile> to use instead of default
    -F ... FastMode (skip dumping exim queue to log)
    -n ... <#results> to show from analysis
    -o ... Output only selected section(s) of mail analysis
             provided as comma separated list [LDir,LAcct,LAuth...]
           ----------------------------------------
           LDir .... Directories
           LAcct ... Accounts/Domain
           LAuth ... Authenticated Users
           L-IP .... IP-Address / Auth-Users
           LFail ... Failed Login IPs
           LSpoof .. Spoofed Senders
           LBulk ... Bulk Senders
           LSubj ... Subjects (Non-Bounceback)
           LBnce ... Bouncebacks (address)
           ----------------------------------------
           QSum .... Queue Summary
           QAuth ... Authenticated Users
           QLoc .... Authenticated Local Users
           QSpoof .. Spoofed Senders
           QSubj ... Subjects
           QScript . X-PHP-Scripts
           QSend ... Senders
           QBnce ... Bouncebacks (count)
           QFrzn ... Frozen (count)
           ----------------------------------------
    -p ... Look for 'X-PHP-Script' in the php mail log
    -q ... Create a queue logfile and analyze the queue
    -v ... Verbose (debugging output)\n
    -h ... Print this help and quit\n";
         return 0 ;; # Print help and quit
    esac
  done
}

#-----------------------------------------------------------------------------#
## Setup the log file analysis methods
mail_logs(){
# This will run a basic analysis of the exim_mainlog, and hopefully will also do the first few
# steps of finding any malware/scripts that are sending mail and their origins

date_lookup $LOGFILE
echo; set_decomp $LOGFILE;

if [[ $OUT_LIST ]]; then L_OUT=$OUT_LIST; fi
for opt in $L_OUT; do
  case $opt in

LDir) ## Count of messages sent by scripts
section_header "Directories"
$DECOMP $LOGFILE | grep 'cwd=' | grep -Eiv 'spool|error|exim' | perl -pe 's/.*cwd=(\/.*?)\ [0-9]\ args:.*/\1/g'\
 | awk '{freq[$0]++} END {for (x in freq) {printf "%8s %s\n",freq[x],x}}'\
 | sort -rn | head -n $RESULTCOUNT ;;

LAcct) # Count of messages per "Account/Domains"
section_header "Accounts/Domains"
$DECOMP $LOGFILE | grep -o '<=\ [^<>].*\ U=.*\ P=' | perl -pe 's/.*@(.*?)\ U=(.*?)\ P=/\2 \1/g'\
 | awk '{freq[$0]++} END {for (x in freq) {printf "%8s %s\n",freq[x],x}}'\
 | sort -rn | head -n $RESULTCOUNT | awk '{printf "%8s %-10s %s\n",$1,$2,$3}' ;;

LAuth) # Count of messages per Auth-Users
section_header "Auth-Users"
$DECOMP $LOGFILE | grep -Eo 'A=.*in:.*\ S=' | perl -pe 's/.*:(.*?)\ S=/\1/g'\
 | awk '{freq[$0]++} END {for (x in freq) {printf "%8s %s\n",freq[x],x}}'\
 | sort -rn | head -n $RESULTCOUNT ;;

L-IP) # Count of IPs per Auth-Users
section_header "IP-Addresses/Auth-Users"
$DECOMP $LOGFILE | grep 'A=.*in:.*\ S=' | perl -pe 's/.*[^I=]\[(.*?)\].*A=.*in:(.*?)\ S=.*$/\1 \2/g'\
 | awk '{freq[$0]++} END {for (x in freq) {printf "%8s %s\n",freq[x],x}}'\
 | sort -rn | head -n $RESULTCOUNT | awk '{printf "%8s %-15s %s\n",$1,$2,$3}' ;;

LFail) # Count of IPs that failed login
section_header "Failed Login IPs"
$DECOMP $LOGFILE | grep 'authenticator failed' | perl -pe 's/.*\ \[(.*?)\]:.*/\1/g'\
 | awk '{freq[$1]++} END {for (x in freq) {printf "%8s %s\n",freq[x],x}}'\
 | sort -rn | head -n $RESULTCOUNT ;;

LSpoof) # Spoofed Sender Addresses
section_header "Spoofed Senders"
FMT="%8s %-35s %s\n"
printf "$FMT" "Count " " Auth-User" " Spoofed-User"
printf "$FMT" "--------" "$(dash 35 -)" "$(dash 35 -)"
$DECOMP $LOGFILE | grep 'A=.*in:.*\ S=' | perl -pe 's/.*<=\ (.*?)\ .*A=.*in:(.*?)\ .*/\2 \1/g'\
 | awk '{ if ($1 != $2) freq[$0]++} END {for (x in freq) {printf "%8s %s\n",freq[x],x}}'\
 | sort -rn | head -n $RESULTCOUNT | awk -v FMT="$FMT" '{printf FMT,$1" ",$2,$3}'
printf "$FMT" "--------" "$(dash 35 -)" "$(dash 35 -)" ;;

LBulk) # Show sent messages with the most recipients
section_header "Bulk Senders"
FMT="%8s %-16s %s\n"
printf "$FMT" "RCPTs " " MessageID" " Auth-User"
printf "$FMT" "--------" "$(dash 16 -)" "$(dash 40 -)"

#This missed webmail logins sending bulk mail
#$DECOMP $LOGFILE | grep "<=.*A=.*in:.*\ for\ "\
# | perl -pe 's/.*\ (.*?)\ <=\ .*A=.*in:(.*)\ S=.*\ for\ (.*)//g; print $count = scalar(split(" ",$3))," ",$1," ",$2;'\

$DECOMP $LOGFILE | grep '<=\ .*id=.*\ for\ '\
 | perl -pe 's/.*\ (.*?)\ <=\ (.*).*id=.*\ for\ (.*)//g; print $count = scalar(split(" ",$3))," ",$1," ",$2;'\
 | sort -rn | head -n $RESULTCOUNT | awk -v FMT="$FMT" '{printf FMT,$1" ",$2,$3}'
printf "$FMT" "--------" "$(dash 16 -)" "$(dash 40 -)" ;;

LSubj) # Count of Messages by Subject
section_header "Subjects (Non-Bounceback)"
$DECOMP $LOGFILE | grep '<=.*T=' | perl -pe 's/.*T=\"(.*?)\".*/\1/g'\
 | awk '!/failed: |deferred: / {freq[$0]++} END {for (x in freq) {printf "%8s %s\n",freq[x],x}}'\
 | sort -rn | head -n $RESULTCOUNT ;;

LBnce) # Count of Bouncebacks by address
section_header "Bouncebacks (address)"
$DECOMP $LOGFILE | grep '<= <>.*\ for\ ' | perl -pe 's/.*\".*for\ (.*$)/\1/g'\
 | awk '{freq[$0]++} END {for (x in freq) {printf "%8s %s\n",freq[x],x}}'\
 | sort -rn | head -n $RESULTCOUNT ;;

*) echo "$opt is not a valid output option." ;;

esac
done; echo
}

#-----------------------------------------------------------------------------#
## Setup the queue/file analysis methods
mail_queue(){
# This will run a basic summary of the mail queue, using both exim -bpr and /var/spool/exim/input/*

# Limit the queue scan to keep things fast
if [[ $full_log == 1 ]]; then READLIMIT="cat"; LOGLIMIT="cat"
  else READLIMIT="head -n $LINECOUNT"; LOGLIMIT="head -n $(( $LINECOUNT * 3 ))"; fi

## Generate Header File List
HEADER_LIST=$(find /var/spool/exim/input/ -type f -name "*-H" -print 2>/dev/null | $READLIMIT)

if [[ $OUT_LIST ]]; then Q_OUT=$OUT_LIST; fi

for opt in $Q_OUT; do
  case $opt in

QSum) ## Queue Summary
## Current Queue Dump
if [[ -f $QUEUEFILE ]]; then
  echo -e "\nFound existing queue dump ( $QUEUEFILE ).\n"
elif [[ ! $fast_mode ]]; then
  echo -e "\nCreating Queue Dump ($QUEUEFILE) to speed up analysis\n ... Thank you for your patience"
  /usr/sbin/exim -bpr | $LOGLIMIT > $QUEUEFILE
fi

# Read full log (uncompressed)
if [[ $full_log == 1 ]]; then
  DECOMP="cat";
  du -sh $QUEUEFILE | awk '{print "Using Queue Dump: "$2,"("$1")"}'
# Minimize impact on initial scan, using last 1,000,000 lines
elif [[ ! $fast_mode ]]; then
  DECOMP="tail -n $LINECOUNT";
  du -sh $QUEUEFILE | awk -v LINES="$LINECOUNT" '{print "Last",LINES,"lines of: "$2,"("$1")"}';
fi

QSpoof) ## Queue Spoofed Senders
section_header "Queue: Spoofed Senders"
FMT="%8s %-35s %s\n"
printf "$FMT" "Count " " Auth-User" " Spoofed-User"
printf "$FMT" "--------" "$(dash 35 -)" "$(dash 35 -)"
echo $HEADER_LIST | xargs awk '/auth_id/{printf $2" "};/envelope-from/{print $2}' 2>/dev/null | tr -d '<>)'\
 | awk '{ if ($1 != $2) freq[$0]++} END {for (x in freq) {printf "%8s %s\n",freq[x],x}}'\
 | sort -rn | head -n $RESULTCOUNT | awk -v FMT="$FMT" '{printf FMT,$1" ",$2,$3}'
printf "$FMT" "--------" "$(dash 35 -)" "$(dash 35 -)" ;;

QSend) ## Count of (non-bounceback) Sending Addresses in queue
section_header "Queue: Senders"
echo $HEADER_LIST | xargs grep --no-filename '^<[^>]' 2>/dev/null\
 | awk '{freq[$1]++} END {for (x in freq) {printf "%8s %s\n",freq[x],x}}' | sort -rn | tr -d '<>' | head -n $RESULTCOUNT ;;

QBnce) ## Count of Bouncebacks in the queue
section_header "Queue: Bouncebacks (count)"
echo $HEADER_LIST | xargs grep --no-filename '^<>' 2>/dev/null\
 | awk '{freq[$1]++} END {for (x in freq) {printf "%8s %s\n",freq[x],x}}' | sort -rn | head -n $RESULTCOUNT ;;

QFrzn) ## Count of 'frozen' messages by user
section_header "Queue: Frozen (count)"
echo $HEADER_LIST | xargs grep --no-filename '\-frozen' 2>/dev/null\
 | awk '($2 ~ /[0-9]/) {freq[$1]++} END {for (x in freq) {printf "%8s %s\n",freq[x],x}}' | sort -rn | head -n $RESULTCOUNT ;;

*) echo "$opt is not a valid output option" ;;

esac
done; echo
}

# Check that X_Header is turned on and process the php_maillog
mail_php(){
echo -e "\n$(php -v | head -1)\n"
date_lookup $PHPLOG

if [[ -f $PHPLOG ]]; then
  echo "mail.log: $PHPLOG ($(du -sh $PHPLOG | awk '{print $1}'))"

set_decomp $PHPLOG;

# Look for mailer scripts in the php_maillog
  section_header "PHP Mailer Scripts"
  $DECOMP $PHPLOG | perl -pe 's/.*\[(\/home.*?)\]/\1/g'\
   | awk -F: '{freq[$1]++} END {for (x in freq) {printf "%8s %s\n",freq[x],x}}' | sort -rn | head -n $RESULTCOUNT

echo

else
  echo "php_maillog configuration could not be located"

## Prompt and configure php_maillog if confirmed.
  read -p "Would you like to enable add_x_header and the php_maillog? " yn;
  case $yn in
    y|Y|yes|Yes|YES)
      if [[ "$(php -v | grep -oP 'PHP 5.[^12]')" != '' ]]; then
        if [[ -z $(egrep '(^mail.add_x_header|^mail.log)' $PHPCONF) ]]; then
          cp -a $PHPCONF{,.pre_php_mail_log_addition};
          perl -n -i -e 'print; print "mail.add_x_header = On\nmail.log = /var/log/php_maillog\n" if /(\[mail function\])/' $PHPCONF;
          echo -e "\nVariables Added to [mail function]:\n";
          egrep '(^mail.add_x_header = On|^mail.log = /var/log/php_maillog)' $PHPCONF;

touch /var/log/php_maillog && chmod 666 /var/log/php_maillog; echo -e "\nLog File Created:";
          ls -l /var/log/php_maillog | awk '{print $1,$NF}';

echo -e "/var/log/php_maillog {\n\tcompress\n\tcreate\n\tweekly\n\tmissingok\n\trotate 4\n\tpostrotate\n\t/usr/sbin/httpd graceful\n\tendscript\n}" > /etc/logrotate.d/php_maillog
          echo -e "\nLogrotate configured for/var/log/php_maillog"

echo -e "\nRestarting httpd Service"
          if [[ -d /etc/systemd ]]; then systemctl restart httpd 2>/dev/null; else /etc/init.d/httpd restart 2>/dev/null; fi
        else
          echo -e "\nNothing Done.\nCheck /usr/local/lib/php.ini:\n";
          egrep -n '(mail.add_x_header|mail.log)' $PHPCONF;
        fi;
      else
        echo -e "\nNothing Done.\nThis only works with 5.3 or higher";
      fi ;;
    *) echo "Okay, quitting for now." ;;
  esac
fi
}

#-----------------------------------------------------------------------------#
# Call menus or parse cli flags
if [[ -z $@ ]]; then main_menu; else arg_parse "$@"; fi

#-----------------------------------------------------------------------------#
## Run either logs() or queue() function
if [[ $l == 1 ]]; then mail_logs
elif [[ $q == 1 ]]; then mail_queue
elif [[ $p == 1 ]]; then mail_php; fi

if [[ $VERBOSE == 1 ]]; then
  dash 80 =; section_header "Debugging Information"
  echo -e "    LOGFILE : $LOGFILE
  QUEUEFILE : $QUEUEFILE
     PHPLOG : $PHPLOG
    PHPCONF : $PHPCONF
   full_log : $full_log
  LINECOUNT : $LINECOUNT
RESULTCOUNT : $RESULTCOUNT
   OUT_LIST : ${OUT_LIST:-Unset}
      L_OUT : $L_OUT
      Q_OUT : $Q_OUT
       DAYS : ${DAYS:-Unset}
       DATE : ${DATE:-Unset}\n"
fi

unset LOGFILE QUEUEFILE PHPCONF PHPLOG full_log LINECOUNT RESULTCOUNT DAYS DATE VERBOSE READLIMIT LOGLIMIT
#~Fin~