Rejected relay attempt

jgenee

Registered
Feb 12, 2021
2
0
1
New York
cPanel Access Level
Root Administrator
Hi everyone...I am stumped.

Every couple of weeks a small subset of our email addresses reject an incoming email. In WHM I see the error as - Rejected relay attempt.

cPanel is set to Remote Mail Exchanger and all of our MX records are pointing towards G Suite. For some reason every few weeks these messages come through and I think they are routing to the WHM server by mistake. We don't have split delivery set up in G Suite either.
 

cPRex

Jurassic Moderator
Staff member
Oct 19, 2014
9,796
1,529
313
cPanel Access Level
Root Administrator
Hey there! I'm sorry to hear about this email issue. Your user profile indicates you don't have root access to the server - is that the case? Without root access you wouldn't be able to check the mail logs in /var/log/exim_mainlog that would get you more details about what the issue may be.

The best thing I can recommend in that situation would be to contact the hosting provider and have them check the logs for the specific message to see if they can find more information on what may be happening with the mail server at that time.
 

jgenee

Registered
Feb 12, 2021
2
0
1
New York
cPanel Access Level
Root Administrator
Hey there! I'm sorry to hear about this email issue. Your user profile indicates you don't have root access to the server - is that the case? Without root access you wouldn't be able to check the mail logs in /var/log/exim_mainlog that would get you more details about what the issue may be.

The best thing I can recommend in that situation would be to contact the hosting provider and have them check the logs for the specific message to see if they can find more information on what may be happening with the mail server at that time.
Sorry, I do have root to WHM. So I could go to Terminal through WHM and look at those logs?
 

cPRex

Jurassic Moderator
Staff member
Oct 19, 2014
9,796
1,529
313
cPanel Access Level
Root Administrator
Thanks for clarifying that - I've updated your forums profile to indicate you have root access to the system.

You could absolutely use the WHM >> Terminal feature to check the logs. If you have the mail ID number, which is a string of letters and numbers that looks similar to this:

1l7jmi-00DZWH-90

you could run this command to search through the mail log to get all the information about that particular message:

Code:
grep 1l7jmi-00DZWH-90 /var/log/exim_mainlog
which will show the full mail transaction. Hopefully some of the output that provides will give you more details on what is happening with that message.