View Email Logs For All Emails Sent / Received

PrivaHost

Hi Everyone,

Let me clarify my question. I run a web host. We want to be able to track the emails sent / received from every single user account separately or all together. I don't care. I read somewhere on these forums that I needed to go to /var/logs/exim_mainlog in SSH as that's where logs were saved. I came up with No Directory there. Please help me out. This is an urgent thing. I know it's possible as I had a Social Network on a web host and an email account on my account was sending bulk email it shouldn't be. They were able to send me a list of every email that was sent to/from that email account.

Please help me out.

Thanks,

Scott
PrivaHost.com
 

cPanelMichael

Administrator
Staff member
Hello :)

The correct path to the primary log for Exim is:

Code:
/var/log/exim_mainlog
You can search this file using the "exigrep" utility. EX:

Code:
# exigrep domain.com /var/log/exim_mainlog
Thank you.
 

driansmith

Hello guys,
Just joined. Just starting to delve a little deeper into cPanel/WHM. I understand almost nothing about checking the email logs apart from the fact I need to do it via 'shell' and that I probably need to use 'putty' and that the files I need to download are found at '/var/log/exim_mainlog'.
Can anyone point me to an idiot's guide on how to do these things please?

- - - Updated - - -

In fact my hosting company has stated:
"Email logs for all domains are collected under a common file /var/log/exim_mainlog."

So, I have a number of jigsaw pieces - just need to figure out how I put them together.

Thanks.
 

JaredR.

It sounds like you are possibly not familiar with or comfortable with the shell. While the information about /var/log/exim_mainlog is valid, have you already looked at Home » Email » Mail Delivery Reports, in the WebHost Manager? It is documented here:

Mail Delivery Reports

In order to view /var/log/exim_mainlog, you will need root shell access. There is no way to view it directly from the WHM. If you are not comfortable accessing the server's shell via SSH (which stands for Secure SHell), your hosting provider should be able to help you and show you how to do this.

Also, the Exim Cheatsheet provides a lot of commands that can be run from the shell in order to view and manipulate Exim and its queue:

Exim Cheatsheet
 

driansmith

Fantastic Jared. I understand that, and it's been much more useful than my hosting company.
Mail Delivery Reports. This looks really useful.

Can I set out my problem so I can understand if I am attacking this issue correctly?
Suddenly, about a week ago, I received complaints from a dozen or more clients that they were not receiving emails from some of their customers. It seemed to be due to statements like:
550-JunkMail rejected - mail-we0-f180.google.com [74.125.82.180]:41398
And the servers being rejected included VirginMedia/Google IP addresses.
My hosting company has said that the only way to deal with this is to get all those blacked IP addresses delisted, or simply turn off the RBL filters (RBL: bl.spamcop.net and RBL: zen.spamhaus.org).
This we did, and now I am inundated with complaints about spam!!
Can these filters really end up blocking email even from google servers?
I was considering setting up a less-potent RBL such as bl.spamcop.net - am I making sense?
Apologies but this is not my area of expertise.

Regards
Ian
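
Added example, not part of the original posts and not cPanel's or Exim's own tooling: a small parser for the /var/log/exim_mainlog format discussed above that tallies accepted and delivered mail per address and counts "JunkMail rejected" refusals per sending IP, so you can see which hosts the RBLs are turning away. The sample lines are constructed (only the rejected host and IP come from the post above), and the function name and the exact rejection wording after "JunkMail rejected" are assumptions.

```python
import re
import sys
from collections import Counter

# Constructed sample in exim_mainlog format (not from a real server); the
# rejected host and IP are the ones quoted in the post above.
SAMPLE_LOG = """\
2012-01-10 09:00:01 1RkAAA-0001aa-01 <= alice@domain.com H=(laptop) [203.0.113.5]:50211 P=esmtpa A=dovecot_login:alice@domain.com S=1420
2012-01-10 09:00:02 1RkAAA-0001aa-01 => bob@example.net R=dnslookup T=remote_smtp H=mx.example.net [198.51.100.7]
2012-01-10 09:00:02 1RkAAA-0001aa-01 -> carol@example.net R=dnslookup T=remote_smtp H=mx.example.net [198.51.100.7]
2012-01-10 09:00:02 1RkAAA-0001aa-01 Completed
2012-01-10 09:05:10 1RkBBB-0001bb-02 <= dave@example.org H=mx.example.org [198.51.100.9]:25 P=esmtp S=2211
2012-01-10 09:05:11 1RkBBB-0001bb-02 => alice <alice@domain.com> R=virtual_user T=virtual_userdelivery
2012-01-10 09:07:30 H=mail-we0-f180.google.com [74.125.82.180]:41398 F=<erin@example.com> rejected RCPT <alice@domain.com>: JunkMail rejected - mail-we0-f180.google.com [74.125.82.180]:41398 is in an RBL
2012-01-10 09:08:00 H=mail-we0-f180.google.com [74.125.82.180]:41400 F=<frank@example.com> rejected RCPT <bob@domain.com>: JunkMail rejected - mail-we0-f180.google.com [74.125.82.180]:41400 is in an RBL
"""

# Message lines: timestamp, optional [pid], message id, flag, address.
MSG = re.compile(r"^\S+ \S+ (?:\[\d+\] )?[0-9A-Za-z]{6}-[0-9A-Za-z]{6}-[0-9A-Za-z]{2} "
                 r"(<=|=>|->|\*\*) (\S+)(?: <([^>]+)>)?")
# RCPT-time refusals carry no message id; capture sending IP and recipient.
RBL = re.compile(r"H=.*?\[([^\]]+)\](?::\d+)? .*?rejected RCPT <([^>]+)>: .*JunkMail rejected")

def summarise(log_text):
    """Tally per-address traffic and RBL rejections from exim_mainlog text."""
    out = {k: Counter() for k in ("sent", "delivered", "failed", "rbl_ip", "rbl_rcpt")}
    for line in log_text.splitlines():
        m = MSG.match(line)
        if m:
            flag, first, bracketed = m.groups()
            # "alice <alice@domain.com>" logs the local part first; prefer the full address.
            addr = (bracketed or first).lower()
            # "<=" is the envelope sender of an accepted message; "**" is a failed delivery.
            key = {"<=": "sent", "=>": "delivered", "->": "delivered"}.get(flag, "failed")
            out[key][addr] += 1
            continue
        r = RBL.search(line)
        if r:
            out["rbl_ip"][r.group(1)] += 1
            out["rbl_rcpt"][r.group(2).lower()] += 1
    return out

if __name__ == "__main__":
    # On the server, pass /var/log/exim_mainlog as the argument; defaults to the sample.
    text = open(sys.argv[1], errors="replace").read() if len(sys.argv) > 1 else SAMPLE_LOG
    for name, counts in summarise(text).items():
        print(name, counts.most_common(10))
```
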
 

driansmith

"End users IPs are getting blocked as junkmail, there's a reason for that. I would leave the filters enabled."
That's my point Infopro.
There are too many 'legitimate' IP addresses in the database, such that my customers (on my server) are getting inundated with complaints from THEIR customers.
On that basis, the RBL filter approach will not work surely.

Regards
Ian

- - - Updated - - -

In my experience over the past few weeks:

If a server suddenly now turns on RBL in their WHM panel, then at least 20% of their customers will start complaining via phone/email about emails 'mysteriously' not turning up - although it might be a few weeks before they realise.
This is not a viable system in my view.

Regards
Ian
 

driansmith

"If bl.spamcop.net and zen.spamhaus.org are blocking your legit users, you have options. Disable one or both, add your own custom RBL, whitelist addresses.
RBLs - cPanel Documentation

I've had both RBLs enabled since they were first added to the product years ago and have never had any complaints from my users."
Thanks Infopro.

1. Very strange then that I have even had complaints from people using Gmail where the Google server was on a blacklist. I turned off RBL and all emails suddenly came flooding through.
2. Any advice how I can set up a custom RBL?

Thanks again.
 

Infopro

"1. Very strange then that I have even had complaints from people using Gmail where the Google server was on a blacklist. I turned off RBL and all emails suddenly came flooding through."
You'll find everything explained in detail on the spamhaus site. They can explain this all to you far better than me.
The Spamhaus Project

"2. Any advice how I can set up a custom RBL?"
Not really. I do know it's quite easy to add some other list. I gave it a go a few years ago:
mailspike.net - add to official RBL - cPanel Forums