Understanding Exim

[eaudet]

Going through my exim logs and queue, I was suprise to see so many messages on the queue (20000+).

So I decided to investigate a bit more ... and now, I have some questions that may sound newbie questions to you. I've had servers for many years, but never really looked at emails before.

From what I can see, my server is trying to send emails to people. Am I right in assuming that these 2 lines:
2007-09-20 08:29:40 1IYLA3-0006Tv-A9 => [email protected] R=lookuphost T=remote_smtp H=mail-fwd.sbc-webhosting.com [161.58.18.5]
2007-09-20 08:29:40 1IYLA3-0006Tv-A9 Completed

Does it means that an email was sent from my server to "[email protected]"?

If so, I think I have a problem. This is a brain new server. The only user is me. And I did not send any emails yet.

Any lights would be appreciated.

Eric

 

[eaudet]

Sorry for replying myself to my own post ...

Again, I am a newbie in this area and after thinking .... Maybe these are bounced messages? My server bounce messages ":fail: no user etc" ...

Again, more any help would be appreciated.

Eric

 

[d_t]

The mail was delivered from your server, indeed. Chek the exim logs to find if the email was a bounce or not:

exigrep 1IYLA3-0006Tv-A9 /var/log/exim_mainlog

if you see <> as a sender, then is a bounce message.

 

[eaudet]

Thanks, I think thats what it was:

2007-09-20 08:29:39 1IYLA3-0006Tv-A9 <= <> R=1IY5zb-0006Ex-Vt U=mailnull P=local S=3305
2007-09-20 08:29:40 1IYLA3-0006Tv-A9 => [email protected] R=lookuphost T=remote_smtp H=mail-fwd.sbc-webhosting.com [161.58.18.5]
2007-09-20 08:29:40 1IYLA3-0006Tv-A9 Completed

 

[d_t]

This is a bounce message for 1IY5zb-0006Ex-Vt Now you can search the logs for the original message and the error that cause the bounce message (usually, recipient does not exists)

exigrep 1IY5zb-0006Ex-Vt /var/log/exim_mainlog

The line with <= means the sender, the line with => is for recipient, == processing.
"Complete" means the message (or bounce) was delivered and removed from queue.