delivery event explain

upsforum · Jun 25, 2013

Dear all,

you can explain me as read explain event log of WHM?

for example, this message generate a "LOCALHOSTRELAY Alert for 127.0.0.1", but I don't understand who or what sent

Event: success
User: hostuser
Domain: domainuser.it
Sender: info2013 @ yahoo.co.uk
Sent Time: Jun 25, 2013 12:02:12 PM
Sender Host: localhost
Sender IP: 127.0.0.1
Authentication: dovecot_login
Spam Score:
Recipient: dushi_ama @ hotmail.com
Delivered To: dushi_ama @ hotmail.com
Delivery User: -remote-
Delivery Domain:
Router: lookuphost
Transport: remote_smtp
Out Time: Jun 25, 2013 12:02:12 PM
ID: 1UrQ53-00007a-CG
Delivery Host: mx4.hotmail.com
Delivery IP: 65.54.188.126
Size: 1.78 KB
Result: Message accepted

ThinIce · Jun 25, 2013

Generally speaking, these fields tell you the account

User: hostuser
Domain: domainuser.it

These indicate the message was sent via webmail

Sender IP: 127.0.0.1
Authentication: dovecot_login

cPanelMichael · Jul 1, 2013

Hello

Yes, the user/domain field will typically indicate which account was used to send the message. You can also search for the recipient address in the Exim log file. EX:

Code:

exigrep [email protected] /var/log/exim_mainlog

Thank you.

Thread starter	Similar threads	Forum	Replies	Date
K	Enabling DNSSEC resulting in DNS propagation/Email delivery issues	Security	1	Nov 12, 2021
M	Any suggestions for online training about web security and hacking prevention	Security	2	Aug 21, 2021
G	How to prevent scrapers using multiple IPs	Security	8	Jan 4, 2021
S	How to prevent reading internal routing table?	Security	12	Dec 31, 2020
S	Blocking delivery/read receipts?	Security	5	Nov 8, 2004

Search

Search

delivery event explain

upsforum

Well-Known Member

ThinIce

Well-Known Member

cPanelMichael

Administrator