Email accepted by EXIM when "Remote Mail Exchanger" accidentally set. Where did this mail go?

[ttremain]

During some mail and DNS changes the setting "Remote Mail Exchanger" accidentally got set.

/var/log/exim_mainlog shows the server still accepted emails, but they seem to have disappeared, and not gotten delivered anywhere.

We are trying to recover a couple hundred emails.

Any advice where to look would be appreciated!

Thank you!

 

[cPanelLauren]

If it was accepted by exim you should be able to see the full transaction in those same logs. You can run something like the following for a few of the Message ID's:

exigrep MID /var/log/exim_mainlog

 

[ttremain]

If it was accepted by exim you should be able to see the full transaction in those same logs. You can run something like the following for a few of the Message ID's:

exigrep MID /var/log/exim_mainlog

2020-02-26 04:29:05 1j6voH-002Zaq-7y <= [email protected] H=stdel551.appriver.com [8.31.233.163]:63403 P=esmtp S=115562 [email protected] T="SOME SUBJECT" for [email protected]
2020-02-26 04:29:06 1j6voH-002Zaq-7y [8.19.118.108] SSL verify error: certificate name mismatch: DN="/C=US/ST=Florida/L=Gulf Breeze/O=Appriver LLC/OU=Engineering/CN=*.appriver.com" H="domain.com.1.0001.arsmtp.com"
2020-02-26 04:29:06 1j6voH-002Zaq-7y => [email protected] R=dkim_lookuphost T=dkim_remote_smtp H=domain.com.1.0001.arsmtp.com [8.19.118.108] X=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256 CV=no C="250 5018019 message accepted for delivery"
2020-02-26 04:29:06 1j6voH-002Zaq-7y Completed

 

[cPanelLauren]

This indicates that the mail was accepted by [email protected] for delivery and the transaction completed successfully.

I wouldn't want to go through the entire list but it looks like the mail made it there without issue, are you actually missing some?

 

[ttremain]

Interestingly enough, the email trickled in over the next few hours.

 

[cPanelLauren]

Glad to hear it, mailservers in cases where the host can't be reached (if configured properly) will retry several times.

 

[ttremain]

Glad to hear it, mailservers in cases where the host can't be reached (if configured properly) will retry several times.

The weird thing is, it IS the host. The mail should have gone right into a local mailbox, but did not for some time. Oh well, not repeating this, so maybe it's not something I should worry about discovering the root cause of.