How to understand Exim logs files.
In cpanel exim mail logs are stored in following files
/var/log/exim_mainlog -: All the logs are recorded into the exim_mainlog file
/var/log/exim_rejectlog -: Rejected emails logs are recorded into the exim_rejectlog
/var/log/exim_paniclog -: If the exim server stuck or fails then those logs will be recorded into the exim_paniclog file.
Log line flags:
—————
<= Shows arrival of a message for incoming mail.
=> Shows a normal message delivery for outgoing mail
-> Shows additional address for the same delivery, i.e. an Email forwarder.
*> Shows delivery suppressed by -N**delivery failed; address bounced.
== Shows delivery deferred; temporary problem.
** Shows delivery failed; address bounced.
From the email queue, we can find the log details of an email by using the command “exim -Mvl Message-ID”
A summary of the field identifiers that are used in log lines:
R= The address immediately following “<=” is the sender address. A bounce message is shown with the sender address “<>”, and if it is locally generated, this is followed by an item of the form R=<message id>.
T= The relay used to transmit the message. Example: T=remote_smtp T=local_delivery
H= Represents the host name and IP address.
U= The MTA used.
I= local interface used.
P= This is the return path on delivery.
A= If A= is present, then SMTP AUTH was used for the delivery.
S= Is the delivery size of the message.
ID= Represents the incoming message ID
T= Topic / Subject
from :From whom the mail was received
for : Who the email is for.
C : SMTP confirmation on delivery.
D : Duration of “no mail in SMTP session”.
S : size of message.
X :TLS cipher suite
DT:on => lines: time taken for a delivery
Email of users are stored in “/home/user/mail/<domain>/<emailuser>”
/home/username/mail(mail folder)
/home/username/etc (configuration files)
/domain.com
maildirsize (quota/usage summary, expendable)
cur (default inbox for read email)
new (default email for unread email)
Leave a Reply