The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

imap traffic

Discussion in 'E-mail Discussions' started by David Gamero, Apr 20, 2016.

  1. David Gamero

    David Gamero Member

    Joined:
    Apr 20, 2016
    Messages:
    7
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Ecija, (Sevilla)
    cPanel Access Level:
    Root Administrator
    Hello excuse my English I'm from Spain and I'm using an online translator, I made a consultation, I have a domain that generates high traffic imap, I have root access to vps, as I know that domain accounts are generating traffic imap?

    A greeting.
     
  2. ssfred

    ssfred Well-Known Member

    Joined:
    Jan 6, 2012
    Messages:
    62
    Likes Received:
    2
    Trophy Points:
    8
    Location:
    India
    cPanel Access Level:
    Root Administrator
    Twitter:
    Hello David,

    If you are looking to identify the volume of IMAP traffic for each domains, you can use the option "Bandwisth" available in cPanel. If you wish to track the IMAP activities on the server, you can get details from the log file /var/log/maillog
     
  3. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,854
    Likes Received:
    676
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Hello :)

    Could you provide some more details about what in-particular you would like to determine? For instance, are you attempting to determine which account is using IMAP bandwidth? Feel free to attach some images to this thread to show us an example.

    Thank you.
     
  4. David Gamero

    David Gamero Member

    Joined:
    Apr 20, 2016
    Messages:
    7
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Ecija, (Sevilla)
    cPanel Access Level:
    Root Administrator
    Hello account that generates a lot of traffic imap is located, I need to know is where IMAP mail is sent, I made an analysis of virus in cpanel and found many viruses and eliminated, changed passwords cpanel, mysql and email, but continues to generate a lot of traffic imap, I send you a picture for you to check consumption.

    I looked at the log / var / log / maillog but no meeting since imap mail traffic is sent.

    Any ideas?

    Thank you very much and greetings.
     

    Attached Files:

  5. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,854
    Likes Received:
    676
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Are there no entries in /var/log/maillog at all, or do you see nothing that shows where the IMAP traffic is coming from?

    Thank you.
     
  6. David Gamero

    David Gamero Member

    Joined:
    Apr 20, 2016
    Messages:
    7
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Ecija, (Sevilla)
    cPanel Access Level:
    Root Administrator
    Hello sorry for the delay in answering, I can not find in the log the problem, use tail maillog -100 | grep "domain name" but I see little traffic imap, it is possible that can be sent from a joomla and does not appear in the logs?

    A greeting.
     
  7. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,854
    Likes Received:
    676
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Hello,

    You can search /var/log/maillog with the "grep" command to see all matching results from that log file. Here's an example:

    Code:
    grep domain.com /var/log/maillog
    Thank you.
     
  8. David Gamero

    David Gamero Member

    Joined:
    Apr 20, 2016
    Messages:
    7
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Ecija, (Sevilla)
    cPanel Access Level:
    Root Administrator
    Hi thanks for the info, as I know the size of the emails sent? I sent a line of log


    Jul 2 00:34:36 cp01 dovecot: imap(cristobal@domain.com): Logged out in=4222, out=643633566, bytes=4222/643633566

    A greeting.
     
  9. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,854
    Likes Received:
    676
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
  10. David Gamero

    David Gamero Member

    Joined:
    Apr 20, 2016
    Messages:
    7
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Ecija, (Sevilla)
    cPanel Access Level:
    Root Administrator
    Hi thanks for the answer, as I know from where he has received many megasbyte?

    A greeting.
     
  11. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,854
    Likes Received:
    676
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Could you elaborate on the question? The logs you are referring to show IMAP usage, indicating the email user from that IP address checked their email via IMAP.

    Thank you.
     
  12. David Gamero

    David Gamero Member

    Joined:
    Apr 20, 2016
    Messages:
    7
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Ecija, (Sevilla)
    cPanel Access Level:
    Root Administrator
    Hello I send the second line where you see the ip client and my server, but as I know the mail client from which you send and receive emails?

    Jul 2 00:36:40 cp01 dovecot: imap-login: Login: user=<cristobal@domain.com>, method=PLAIN, rip=83.XX.XX.XX, lip=185.XX.XX.XX, mpid=12296, TLS, session=<mTjEnpo2etRTM0In>

    A greeting
     
  13. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,854
    Likes Received:
    676
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Hello,

    It's not possible to see the name of the email client (e.g. Outlook, Thunderbird) in /var/log/maillog.

    Thank you.
     
  14. David Gamero

    David Gamero Member

    Joined:
    Apr 20, 2016
    Messages:
    7
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Ecija, (Sevilla)
    cPanel Access Level:
    Root Administrator
    Hello there any way to find whm this email? or you know any software that you can install in whm showing me more information about mail traffic?

    I do not know where the source of excessive traffic on July 2 the day is, there was traffic 146gb imap

    A greeting.
     
  15. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,854
    Likes Received:
    676
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    You could browse through all of the "Jul 2" activity in /var/log/maillog with a command such as:

    Code:
    grep "Jul 12" /var/log/maillog
    You can use ""WHM Home » Email » Mail Delivery Reports" to review email deliveries. However, note that it's possible for POP3/IMAP traffic to come logging in and downloading messages as opposed to sending/receiving messages. You may also find this thread helpful, but note you may need to change the commands to check for IMAP usage:

    Tracking Down Excessive POP3 Usage

    Thank you.
     
Loading...

Share This Page