I have a client with many mailboxes (will call them domaininquestion.com) who reported today that some incoming mail to their various users was not arriving. They stated that this condition was intermittent and had started a few days ago. She was able to provide a specific sender, recipient and time for a non-delivered message. A check of the exim_mainlog revealed this entry for the message in question:
2004-08-04 16:43:40 1BsTXv-0005qG-00 <= sender@hisdomain.com H=mail.the_isp.com (EXT615) [xxx.xxx.xxx.xx] P=esmtp S=10131
2004-08-04 16:43:40 1BsTXv-0005qG-00 => /dev/null <addressee@domaininquestion.com> D=central_filter T=**bypassed**
2004-08-04 16:43:40 1BsTXv-0005qG-00 Completed
In this example, the sender has an @domaininquestion.com address; she is sending a message to two other people within the domain.
2004-08-03 11:13:42 1Bs1v4-00016i-00 <= sender@domaininquestion.com H=mail.the_isp.com (EXT615) [xxx.xxx.xxx.xx] P=esmtp S=5793
2004-08-03 11:13:42 1Bs1v4-00016i-00 => /dev/null <emp_1@domaininquestion.com> D=central_filter T=**bypassed**
2004-08-03 11:13:42 1Bs1v4-00016i-00 => /dev/null <emp_2@domaininquestion.com> D=central_filter T=**bypassed**
2004-08-03 11:13:42 1Bs1v4-00016i-00 Completed
I have observed the following upon further review of the exim_mainlog:
The ONLY messages that show /dev/null delivery are messages addressed to recipients at domaininquestion.com.
The application of /dev/null to addresses within the domain appears to be random - both in terms of the sender and the domain mailbox. (For example, joe@someplace.com may send a message to two addressees at domaininquestion.com - one will be delivered and one will show /dev/null. He may try again later and it will be delivered as intended. Later in the log I may see that mail from some bizarre sending address - like afdvfl4aj-x3.s8p8fsnohtgbjrvf4@elbert6.org - is delivered to an addressee at domaininquestion.com, while a message with the same origin addressed to a different addressee at domaininquestion.com gets the /dev/null treatment.)
There have been no upgrades/updates/configuration changes to the server within the past two weeks or so (I am also on manual cPanel updates). The client does not have access to cPanel (no shell access either).
Any ideas on why this condition may exist and how to troubleshoot/repair are appreciated.
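Added example, not part of the original post: a small Python script that pulls every `/dev/null` delivery out of log text in the format quoted above, pairs it with the sender from the matching `<=` line, and counts discarded versus delivered messages per recipient so the intermittent pattern can be checked. It assumes one log entry per line; the function names are hypothetical, and the last three sample lines (including the director name `localuser`) are constructed.

```python
import re
from collections import Counter

# First seven lines follow the entries quoted in the post (one entry per line);
# the final three lines are constructed, and "localuser" is a hypothetical name.
SAMPLE_LOG = """\
2004-08-04 16:43:40 1BsTXv-0005qG-00 <= sender@hisdomain.com H=mail.the_isp.com (EXT615) [xxx.xxx.xxx.xx] P=esmtp S=10131
2004-08-04 16:43:40 1BsTXv-0005qG-00 => /dev/null <addressee@domaininquestion.com> D=central_filter T=**bypassed**
2004-08-04 16:43:40 1BsTXv-0005qG-00 Completed
2004-08-03 11:13:42 1Bs1v4-00016i-00 <= sender@domaininquestion.com H=mail.the_isp.com (EXT615) [xxx.xxx.xxx.xx] P=esmtp S=5793
2004-08-03 11:13:42 1Bs1v4-00016i-00 => /dev/null <emp_1@domaininquestion.com> D=central_filter T=**bypassed**
2004-08-03 11:13:42 1Bs1v4-00016i-00 => /dev/null <emp_2@domaininquestion.com> D=central_filter T=**bypassed**
2004-08-03 11:13:42 1Bs1v4-00016i-00 Completed
2004-08-03 11:20:05 1Bs21F-00017a-00 <= joe@someplace.com H=mail.the_isp.com (EXT615) [xxx.xxx.xxx.xx] P=esmtp S=2048
2004-08-03 11:20:05 1Bs21F-00017a-00 => emp_1 <emp_1@domaininquestion.com> D=localuser T=local_delivery
2004-08-03 11:20:05 1Bs21F-00017a-00 Completed
"""

ARRIVAL = re.compile(r"^(\S+ \S+) (\S+) <= (\S+)")
DELIVERY = re.compile(r"^(\S+ \S+) (\S+) [=-]> (\S+)(?: <([^>]+)>)?.*?\bD=(\S+)")

def devnull_report(lines):
    """Return (discarded, delivered): /dev/null deliveries with their sender and
    D= value, and a per-recipient count of all other deliveries."""
    senders, discarded, delivered = {}, [], Counter()
    for line in lines:
        m = ARRIVAL.match(line)
        if m:
            senders[m.group(2)] = m.group(3)   # message id -> envelope sender
            continue
        m = DELIVERY.match(line)
        if not m:
            continue                           # "Completed" and other entries
        when, msgid, dest, addr, director = m.groups()
        rcpt = addr or dest                    # prefer the <original address>
        if dest == "/dev/null":
            discarded.append({"time": when, "id": msgid, "recipient": rcpt,
                              "sender": senders.get(msgid, "?"), "director": director})
        else:
            delivered[rcpt] += 1
    return discarded, delivered

def per_recipient(discarded, delivered):
    """Map recipient -> (discarded count, delivered count)."""
    lost = Counter(d["recipient"] for d in discarded)
    return {r: (lost[r], delivered[r]) for r in set(lost) | set(delivered)}

if __name__ == "__main__":
    discarded, delivered = devnull_report(SAMPLE_LOG.splitlines())
    for d in discarded:
        print(d["time"], d["id"], d["sender"], "->", d["recipient"], "D=" + d["director"])
    for rcpt, (lost, ok) in sorted(per_recipient(discarded, delivered).items()):
        print(f"{rcpt}: {lost} discarded, {ok} delivered")
```

To run it against a real log, pass the open file object to `devnull_report` in place of `SAMPLE_LOG.splitlines()`.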