Entry Mailnull In The Mail Logs Of Exim?
Apr 8, 2008I have often seen the entry mailnull in the mail logs of exim.
I don't understand it. What is meant by mailnull? where can i get information about it?
ADVERTISEMENT
Exim :: Catch The User Sending Spam With Mailnull?
May 28, 2009i have a vps but there is too much process called mailnull
after that the data centre closed my server for being sent spam
so how i can catch the user sending spam with mailnull?
Exim Mail Out Logs (checking For Spammers On Server)
Mar 31, 2009Hi, today i was banned from hotmail aparently someone enter our server to one account of one client and sent spam all over the net...
platinumservermanagement already told us the name of the account used and we change the password,
can you please tell me where can i check the out mail logs (am using centos & exim) to see if anyone else is sending out spam? or the number of emails sent?
Exim Logs
Mar 19, 2007- exim_mainlog starts at 03/18/2007 (not aware of any rotating log crons)
- grep info@someexternaldomain.com /var/log/exim_mainlog is empty, even after sending to that email from localdomain.com today, a few times
- localdomain.com is found fine in localdomains, trueuserdomains
- localdomain.com sent just fine to another local domain on server plus gmail account. Delivery receipt to both domains plus the info@someexternaldomain.com were "succesful"
I've received from info@someexternaldomain.com many times back and forth without issues, yet today nothing shows up in exim_mainlog NOR any other logs inside /var/log
This Ip Has No Reverse DNS Entry; Some Mail Servers May Not Accept Your Mail.
Jul 20, 2007i enter my ip in dnsstuff.com for see spam my mail
because if i send one e-mail of my server to gmail go to spam
[url]
PTR MISSING! 111.1.1.1.1.1 has no reverse DNS entry; some mail servers may not accept your mail. 86400 seconds 0 ms
What means?
means my ip server is in blac list?
Removing Exim Logs Command
Mar 28, 2009We are getting critical warning of disk space as a result of our exim logs, specifically exim_mainlog and exim_rejectlog.
What is the proper ssh command to delete or minimize these?
I am not that familiar with the correct commands. Both files are located /var/log/
Exim Logs :: Permission Denied: While Opening Or Reading
Jun 12, 2008I have problem with exim in my dedicated. All days I have more tham 1000 messages in queue. I delete frozen messages and run exim -v -q and after delete all message. Next day I have more that 1000 message in queue.
I see that some local emails was not delivered. So I saw in exim log errors messages as:
===
Message 1K5SHE-0001LE-LS is not frozen
delivering 1K5SHE-0001LE-LS
LOG: MAIN
== dadinho@xx.org R=virtual_user T=virtual_userdelivery defer (13): Permission denied: while opening or reading /home/levarte/mail/xx.org/dadinho/maildirsize
===
But I have not any file called "/home/levarte/mail/xx.org/dadinho/maildirsize"
What means this error message?
How To Configure Mx Entry Target Mail Server
May 30, 2008What configurations are needed on a whm/cpanel vps hosting account in order to be used as a mail server for a domain being hosted on another server? The domain's mx entry have already been altered to point to the target mail server.
View 1 Replies View RelatedSpammers Trying To Connect To Mail Server & Filling Logs
Aug 13, 2008I use cpanel.
Is there any way to disallow connections to SEND mail FROM my server to specific IPs? (Similarly to how you can limit connections to sshd from certain IPs)
I realize I cannot disable everything completely, as yahoo and the likes will have to connect to deliver mail. But no one of any use is going to try and connect to send mail, but a spammer.
No one has gotten in and abused it as of yet (knock on wood), but SMTP is being restarted at random and I can only imagine that this is being caused by one of these scumbags probably ddos'ing me. It takes eons to browse these logs, even if they restart via logrotate periodically!
Access Logs And Errors Logs
Jul 25, 2007is it possiable to delete these files in the server access_logs and errors_logs
View 1 Replies View RelatedExim Mail Server :: Your Outgoing SMTP E-mail Server Has Reported An Internal Error ...
Jul 2, 2008I getting this error when our clients are sending mail from outlook but they are able to send mail from webmail.
we are using exim mail server and whm . i can't understand where is problem , anybody can help me ?
Sending' reported error (0x800CCC6A) : 'Your
outgoing (SMTP) e-mail server has reported an internal error. If you
continue to receive this message, contact your server administrator or
Internet service provider (ISP). The server responded: 451 Please try again
later.
Exim/Mail
Jan 20, 2007I keep getting this error..
Code:
Message 1H8DAL-0003Dq-9e is not frozen
delivering 1H8DAL-0003Dq-9e
LOG: MAIN
== scribby@scribbytech.net R=central_filter defer (-17): error in filter file: unrecognized condition word """" near line 7 of filter file
I've tried upcp --force, fixeverything & upexim --force
Exim Mail Statistics Log
Sep 14, 2007Under WHM ( Main >> Email >> View Mail Statistics ) there are mail statistics.
My stats is too poor, I see only 1 hour first.. other hour is all 0.. how can I set the size of log for make bigger and store all day value?
How To Block All Exim Incoming Mail
Feb 24, 2008problem with incoming spam to my server. Causing high load that eventually take down the server.
Since I don't use the server for my mail (I use Gmail), can anyone let me know the easiest way to stop/block all incoming mails to the server? I still need outgoing mail, though. Some of my PHP forms need it.
Right now, I stopped Exim to save the server (if it runs, load can get to 900+).
Exim RBL Whitelisting Per E-mail Address
Aug 24, 2007According to tutorial [url]
You need to have this files
domainlist rbl_blacklist = lsearch;/etc/rblblacklist
domainlist rbl_bypass = lsearch;/etc/rblbypass
hostlist rbl_whitelist = lsearch;/etc/relayhosts : net-iplsearch;/etc/rblwhitelist
Ok one do permanent blacklist, other bypass rbl scanning and the other whitelist rbl scanning. Right now I´m whitelisting using CIDR net format (note that net-iplsearch will allow that).
Is there a way to add other rule to whitelist per e-mail address? I dont know if there sender = can be applied.
domains = +rbl_bypass -> do the domain bypass
hosts = +rbl_whitelist -> do the whitlist
Per Minute In Exim Mail Queue
Dec 18, 2007I get dozens of these per minute in exim mail queue
Quote:
1J4neJ-0001DS-Ns-H
mailnull 47 12
<>
1198027383 0
-ident mailnull
-received_protocol local
-body_linecount 33
-max_received_linelength 115
-allow_unqualified_recipient
-allow_unqualified_sender
-localerror
XX
1
root@server.mydomain.com
154P Received: from mailnull by server.mydomain.com with local (Exim 4.68)
id 1J4neJ-0001DS-Ns
for root@server.mydomain.com; Tue, 18 Dec 2007 19:23:03 -0600
038 X-Failed-Recipients: admin@domain.com
029 Auto-Submitted: auto-replied
063F From: Mail Delivery System <Mailer-Daemon@server.mydomain.com>
029T To: root@server.mydomain.com
059 Subject: Mail delivery failed: returning message to sender
052I Message-Id: <E1J4neJ-0001DS-Ns@server.mydomain.com>
038 Date: Tue, 18 Dec 2007 19:23:03 -0600
1J4neJ-0001DS-Ns-D
This message was created automatically by mail delivery software.
A message that you sent could not be delivered to one or more of its
recipients. This is a permanent error. The following address(es) failed:
admin@domain.com
SMTP error from remote mail server after RCPT TO:<admin@domain.com>:
host sentry.domainbank.com [64.85.73.28]: 553 sorry, that domain isn't in my list of allowed rcpthosts (#5.7.1)
------ This is a copy of the message, including all the headers. ------
Return-path: <root@server.mydomain.com>
Received: from root by server.mydomain.com with local (Exim 4.68)
(envelope-from <root@server.mydomain.com>)
id 1J4neI-0001D9-4I
for admin@domain.com; Tue, 18 Dec 2007 19:23:02 -0600
To: admin@domain.com
Subject: Services(2) failed
From: monitor@domain.com
Message-Id: <E1J4neI-0001D9-4I@server.mydomain.com>
Date: Tue, 18 Dec 2007 19:23:02 -0600
Address:mydomain.com
Following services are down:
SSH(22)
MySQL(3306)
Do not reply to this!
For further details please contact your provider!
Then I get this also
Quote:
1J4nhC-0001Kn-2T-H
root 0 0
<root@server.mydomain.com>
1198027562 0
-ident root
-received_protocol local
-body_linecount 13
-max_received_linelength 77
-auth_id root
-auth_sender root@server.mydomain.com
-allow_unqualified_recipient
-allow_unqualified_sender
-local
XX
1
root@server.mydomain.com
194P Received: from root by server.mydomain.com with local (Exim 4.68)
(envelope-from <root@server.mydomain.com>)
id 1J4nhC-0001Kn-2T
for root@server.mydomain.com; Tue, 18 Dec 2007 19:26:02 -0600
025* From: root (Cron Daemon)
045F From: root@server.mydomain.com (Cron Daemon)
009* To: root
029T To: root@server.mydomain.com
077 Subject: Cron <root@server> lynx --dump [url]
028 X-Cron-Env: <SHELL=/bin/sh>
025 X-Cron-Env: <HOME=/root>
033 X-Cron-Env: <PATH=/usr/bin:/bin>
027 X-Cron-Env: <LOGNAME=root>
024 X-Cron-Env: <USER=root>
052I Message-Id: <E1J4nhC-0001Kn-2T@server.mydomain.com>
038 Date: Tue, 18 Dec 2007 19:26:02 -0600
1J4nhC-0001Kn-2T-D
Not Found
The requested URL /agent/cron.php was not found on this server.
Additionally, a 404 Not Found error was encountered while trying to use an
ErrorDocument to handle the request.
_________________________________________________________________
Apache/2.2.6 (Unix) mod_ssl/2.2.6 OpenSSL/0.9.7a mod_auth_passthrough/2.1
mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_jk/1.2.25 PHP/5.2.5 Server at
mydomain.com Port 80
Exim Mail Queue Soaked
Nov 17, 2007centos
2gigs ram
cpanel whm
Anyway after complaints of "mail not being sent" I looked at a few things, found over 25,000 messages stuck in the queue. The messages no being sent thing is yahoo blocking me because of too many mails sent to their servers without a valid recipient.
When I empty the queue it gathers about 200 mails an hour. Looks like it is coming from all over the world and they are using a valid ip from one of the domains hosted for sending.
Bear with me I was reselling for years and this is my first real dedicated server.
Reverse DNS is set up. I need a couple clues.
