How to ban sending/receiving emails from an email address?

SuperBaby · Jun 24, 2007

I see tons of the below in the exim log but do not really understand what it means. Are emails being sent TO or FROM egoldmanid@xxxxxx.com?? How do I ban it?

2007-06-24 21:44:45 1I2SKY-0001NL-9s => office <egoldmanid@xxxxxx.com> R=virtual_sa_user T=virtual_sa_userdelivery
2007-06-24 21:46:51 1I2SOQ-0001wA-S2 => office <egoldmanid@xxxxxx.com> R=virtual_sa_user T=virtual_sa_userdelivery
2007-06-24 21:46:52 1I2SOT-0001wD-SB => office <egoldmanid@xxxxxx.com> R=virtual_sa_user T=virtual_sa_userdelivery
2007-06-24 21:46:54 1I2SOK-0001w5-CD => office <egoldmanid@xxxxxx.com> R=virtual_sa_user T=virtual_sa_userdelivery
2007-06-24 21:47:22 1I2SNt-0001uz-8T => office <egoldmanid@xxxxxx.com> R=virtual_sa_user T=virtual_sa_userdelivery
2007-06-24 21:47:24 1I2SNJ-0001uZ-KT => office <egoldmanid@xxxxxx.com> R=virtual_sa_user T=virtual_sa_userdelivery
2007-06-24 21:47:24 1I2SN1-0001uU-Va => office <egoldmanid@xxxxxx.com> R=virtual_sa_user T=virtual_sa_userdelivery
2007-06-24 21:47:26 1I2SO0-0001vD-TQ => office <egoldmanid@xxxxxx.com> R=virtual_sa_user T=virtual_sa_userdelivery
2007-06-24 21:47:27 1I2SMs-0001uN-FT => office <egoldmanid@xxxxxx.com> R=virtual_sa_user T=virtual_sa_userdelivery
2007-06-24 21:47:28 1I2SNq-0001un-1Y => office <egoldmanid@xxxxxx.com> R=virtual_sa_user T=virtual_sa_userdelivery
2007-06-24 21:47:30 1I2SNb-0001uj-Uq => office <egoldmanid@xxxxxx.com> R=virtual_sa_user T=virtual_sa_userdelivery
2007-06-24 21:47:31 1I2SNG-0001uY-GF => office <egoldmanid@xxxxxx.com> R=virtual_sa_user T=virtual_sa_userdelivery
2007-06-24 21:47:32 1I2SN8-0001uV-3n => office <egoldmanid@xxxxxx.com> R=virtual_sa_user T=virtual_sa_userdelivery
2007-06-24 21:47:34 1I2SO7-0001vH-6T => office <egoldmanid@xxxxxx.com> R=virtual_sa_user T=virtual_sa_userdelivery
2007-06-24 21:47:35 1I2SNK-0001ub-NY => office <egoldmanid@xxxxxx.com> R=virtual_sa_user T=virtual_sa_userdelivery
2007-06-24 21:47:37 1I2SMk-0001uM-6A => office <egoldmanid@xxxxxx.com> R=virtual_sa_user T=virtual_sa_userdelivery
2007-06-24 21:47:39 1I2SO8-0001vI-1R => office <egoldmanid@xxxxxx.com> R=virtual_sa_user T=virtual_sa_userdelivery
2007-06-24 21:47:39 1I2SO3-0001vE-90 => office <egoldmanid@xxxxxx.com> R=virtual_sa_user T=virtual_sa_userdelivery
2007-06-24 21:47:41 1I2SNF-0001uX-B4 => office <egoldmanid@xxxxxx.com> R=virtual_sa_user T=virtual_sa_userdelivery
2007-06-24 21:47:41 1I2SN9-0001uW-SE => office <egoldmanid@xxxxxx.com> R=virtual_sa_user T=virtual_sa_userdelivery
Click to expand...

nickp666 · Jun 24, 2007

they are all to egoldmanid@xxxxxx.com which is either a forwarder to the main account or the user has the default address (catch-all) set to their main account

You will have to grep the message id's from the exim log to see where they came from as you have only listed the second part of the delivery of those messages.

for example:
Code:
grep "1I2SN9-0001uW-SE" /var/log/exim_mainlog
Would show the transaction of the last message

SuperBaby · Jun 24, 2007

grep "1I2T4d-0006pX-A1" /var/log/exim_mainlog

2007-06-24 22:27:56 1I2T4d-0006pX-A1 <= <> H=(mc31.lon.server.colt.net) [212.74.77.71] P=esmtp S=29986 id=20070624140842.9362633807@mc31.lon.server.colt.net
2007-06-24 22:30:09 1I2T4d-0006pX-A1 => office <egoldmanid@xxxxxxx.com> R=virtual_sa_user T=virtual_sa_userdelivery
2007-06-24 22:30:09 1I2T4d-0006pX-A1 Completed
Click to expand...

What's next? How do I read the content of that email?

nickp666 · Jun 24, 2007

you cant read the content of that e-mail unless it is still in the mailbox it was delivered to.

By the transaction you posted, its a bounce message. (notice the <> instead of a sender address)

Forums

The Community Forums

Interact with an entire community of cPanel & WHM users!

How to ban sending/receiving emails from an email address?

SuperBaby Well-Known Member

nickp666 Well-Known Member

SuperBaby Well-Known Member

nickp666 Well-Known Member

In Progress Mail not working on server (sending and receiving)

SOLVED SMTP Mail Server receiving but not sending

Accesslist email users sending and receiving email from third party

How to block default mail account from sending or receiving mail?

How to set 1 ip for specific domain mail sending and receiving

Share This Page

Useful Searches

The Community Forums

Interact with an entire community of cPanel & WHM users!

How to ban sending/receiving emails from an email address?

SuperBaby Well-Known Member

nickp666 Well-Known Member

SuperBaby Well-Known Member

nickp666 Well-Known Member

In Progress Mail not working on server (sending and receiving)

SOLVED SMTP Mail Server receiving but not sending

Accesslist email users sending and receiving email from third party

How to block default mail account from sending or receiving mail?

How to set 1 ip for specific domain mail sending and receiving

Share This Page