Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

delivery event explain

Discussion in 'Security' started by upsforum, Jun 25, 2013.

  1. upsforum

    upsforum Well-Known Member

    Joined:
    Jul 27, 2005
    Messages:
    464
    Likes Received:
    0
    Trophy Points:
    166
    Dear all,


    you can explain me as read explain event log of WHM?

    for example, this message generate a "LOCALHOSTRELAY Alert for 127.0.0.1", but I don't understand who or what sent


    Event: success
    User: hostuser
    Domain: domainuser.it
    Sender: info2013 @ yahoo.co.uk
    Sent Time: Jun 25, 2013 12:02:12 PM
    Sender Host: localhost
    Sender IP: 127.0.0.1
    Authentication: dovecot_login
    Spam Score:
    Recipient: dushi_ama @ hotmail.com
    Delivered To: dushi_ama @ hotmail.com
    Delivery User: -remote-
    Delivery Domain:
    Router: lookuphost
    Transport: remote_smtp
    Out Time: Jun 25, 2013 12:02:12 PM
    ID: 1UrQ53-00007a-CG
    Delivery Host: mx4.hotmail.com
    Delivery IP: 65.54.188.126
    Size: 1.78 KB
    Result: Message accepted
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  2. ThinIce

    ThinIce Well-Known Member

    Joined:
    Apr 27, 2006
    Messages:
    352
    Likes Received:
    7
    Trophy Points:
    168
    Location:
    Disillusioned in England
    cPanel Access Level:
    Root Administrator
    Generally speaking, these fields tell you the account

    User: hostuser
    Domain: domainuser.it

    These indicate the message was sent via webmail

    Sender IP: 127.0.0.1
    Authentication: dovecot_login
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    43,633
    Likes Received:
    1,787
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello :)

    Yes, the user/domain field will typically indicate which account was used to send the message. You can also search for the recipient address in the Exim log file. EX:

    Code:
    exigrep user@domain.com /var/log/exim_mainlog
    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice