cPanel exim frozen mail queue issue


Jun 15, 2007
Hi every one,

Recently I found there are lots incomming mail queues frozen in my cPanel exim server, after checking, I am sure this is because of cPanel wrong design.

Basically, the incomming mail queue frozen due to the Return-Failed(bounceback) messages drop by ACL, when the Return-Failed messages drop by ACL, it will cause incomming mail queue into "Process failed" state, and then frozen the incomming mail queue forever. For example, one of incomming mail send from invalid sender email address, it failed to delivery due to "LMTP error after MAIL FROM", and created a Return-Failed messages, but the Return-Failed messages also failed due to ACL drop it, then the incomming mail queue into "Porcess failed" state and then frozen forever.

Only when the Return-Failed message drop by ACL can cause this issue, if Return-Failed message sent successfully, or even rejected by remote SMTP server immediately, it will not cause this issue. The important thing is: the incomming mail queue will frozen forever, as it have not chance to delivery in this situtation. And I suspect it is the main reason why there are lots of old mail queue files under path /var/spool/exim/ when my cPanel exim server running for a while.

2019-10-22 00:10:33 1iMaGL-00GbWj-Jh <= Yourhealth–[email protected] H=(..) [x.x.x.x]:36502 P=esmtp S=11255 id=.. T=".." for ***@*****.com
2019-10-22 00:10:33 cwd=/var/spool/exim 3 args: /usr/sbin/exim -Mc 1iMaGL-00GbWj-Jh
2019-10-22 00:10:33 1iMaGL-00GbWj-Jh ** ***@*****.com R=virtual_user T=dovecot_virtual_delivery: LMTP error after MAIL FROM:<Yourhealth\342\200\[email protected]>: 500 5.5.2 Invalid command syntax
2019-10-22 00:10:33 cwd=/var/spool/exim 7 args: /usr/sbin/exim -t -oem -oi -f <> -E1iMaGL-00GbWj-Jh
2019-10-22 00:10:35 1iMaGP-00GbWx-Dz F=<> rejected by non-SMTP ACL: "SpamAssassin as cpaneleximscanner detected OUTGOING not smtp message as spam (7.9/70)"
2019-10-22 00:10:35 1iMaGP-00GbWx-Dz Error while reading message with no usable sender address (R=1iMaGL-00GbWj-Jh): rejected by non-SMTP ACL: This message was classified as SPAM and may not be delivered
2019-10-22 00:10:35 1iMaGL-00GbWj-Jh Process failed (1) when writing error message to Yourhealth–[email protected] (frozen)
2019-10-22 00:14:53 1iMaGL-00GbWj-Jh Message is frozen
Last edited by a moderator:


Jun 15, 2007

Could be due to dovecot memory. Can you check what you see in the /var/log/maillog file. Update in this form if possible.
Hi, thanks. Not, impossible due to memory. It is also not system error. It simply due to cPanel wrongfully treat their ACL drop action as SMTP failed or error but not completed.


Product Owner
Staff member
Nov 14, 2017
This isn't actually a cPanel issue, there was a ticket opened on this behavior not too long ago and it was very thoroughly researched. This is the standard behavior for exim when it's unable to deliver messages.

Please see the following exim documentation:

7. Life of a message
A message remains in the spool directory until it is completely delivered to its recipients or to an error address, or until it is deleted by an administrator or by the user who originally created it. In cases when delivery cannot proceed – for example when a message can neither be delivered to its recipients nor returned to its sender, the message is marked “frozen” on the spool, and no more deliveries are attempted.
17. Failures to deliver bounce messages If a bounce message (either locally generated or received from a remote host) itself suffers a permanent delivery failure, the message is left in the queue, but it is frozen, awaiting the attention of an administrator. There are options that can be used to make Exim discard such failed messages, or to keep them for only a short time (see timeout_frozen_after and ignore_bounce_errors_after). ==
  • The first part of the issue is that the message is bouncing and I'd wager it was for something like quota issues, if you showed the full transaction for MID 1iMaGL-00GbWj-Jh in this example.
  • After the initial failure occurs, Exim tries to send the failure notification.
  • If the failure notification gets flagged as spam there are no more delivery paths. This isn't a specific problem with cPanel.
-- Exim needs to deliver a failure report.
-- The ACL options for SpamAssassin will reject or prevent a mail delivery when a message is detected as spam.