The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

delivery event explain

Discussion in 'Security' started by upsforum, Jun 25, 2013.

  1. upsforum

    upsforum Well-Known Member

    Joined:
    Jul 27, 2005
    Messages:
    446
    Likes Received:
    0
    Trophy Points:
    16
    Dear all,


    you can explain me as read explain event log of WHM?

    for example, this message generate a "LOCALHOSTRELAY Alert for 127.0.0.1", but I don't understand who or what sent


    Event: success
    User: hostuser
    Domain: domainuser.it
    Sender: info2013 @ yahoo.co.uk
    Sent Time: Jun 25, 2013 12:02:12 PM
    Sender Host: localhost
    Sender IP: 127.0.0.1
    Authentication: dovecot_login
    Spam Score:
    Recipient: dushi_ama @ hotmail.com
    Delivered To: dushi_ama @ hotmail.com
    Delivery User: -remote-
    Delivery Domain:
    Router: lookuphost
    Transport: remote_smtp
    Out Time: Jun 25, 2013 12:02:12 PM
    ID: 1UrQ53-00007a-CG
    Delivery Host: mx4.hotmail.com
    Delivery IP: 65.54.188.126
    Size: 1.78 KB
    Result: Message accepted
     
  2. ThinIce

    ThinIce Well-Known Member

    Joined:
    Apr 27, 2006
    Messages:
    346
    Likes Received:
    7
    Trophy Points:
    18
    Location:
    Disillusioned in England
    cPanel Access Level:
    Root Administrator
    Generally speaking, these fields tell you the account

    User: hostuser
    Domain: domainuser.it

    These indicate the message was sent via webmail

    Sender IP: 127.0.0.1
    Authentication: dovecot_login
     
  3. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,678
    Likes Received:
    653
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Hello :)

    Yes, the user/domain field will typically indicate which account was used to send the message. You can also search for the recipient address in the Exim log file. EX:

    Code:
    exigrep user@domain.com /var/log/exim_mainlog
    Thank you.
     
Loading...

Share This Page