How to check the Exim Maillog?
Maillog is considered as one of the major tool to solve all the problems related to email. Especially, using maillog one can track full history of emails. In cPanel liquid web server the entire aspect of email login has been changed towards the exim capacity. For an example, cryptic logs are used.
You can see more symbols like <=, =>, ->, *>, **, == etc. So, that it would be easy for you to identify the symbols whenever you get exim maillog practice. Apart from this, abbreviations will keep on changing depending upon the line which has detailed symbols.
Transaction successful:
In some case, the logfile doesn’t start with the numbers. Don’t consider it as default procedure.
Line beginning:
Step 1: Lines will start with time and date. Check the number 1487: There you can see the time and date mentioned clearly. Here internal ID is specified as 1ov4tU-0000Nz-Rm.
From the mainlog, using the internal ID one can take the log line easily. So, internal ID is must.
Step 2: The line at first starts with the word “H=”. Here, you can see the name of the host who sends the mail.
Step 3: The IP address is mentioned and of course! It is the host IP address and port number too described.
Step 4: There is a warning message such as spamassassin believes that this message is not spam.
How about line in second?
Step 1: It starts with the letter I and H and also, Check the symbol <=. This symbol represents that you going to get mail from the server. Next step would be the displaying the email address from which you got the mail.
Step 2: Next to the word I and H, the word P describes protocol. Have you heard about cipher suite? Here X word represents the cipher suite. Moreover, you won’t require X term at all. It’s just for sake.
Step 3: The status of certification verification is displayed in terms of CV. The message size is displayed in S word.
Step 4: The ID for server sending is defined at next step. T is for subject topic and finally, the line is closed with “foruser@example.com”.
What engages in third and fourth line?
Third line is nothing but for exim manual usage. For an exercise, you can parse out the lines one by one below exim manual.
That’s it!
Maillog is considered as one of the major tool to solve all the problems related to email. Especially, using maillog one can track full history of emails. In cPanel liquid web server the entire aspect of email login has been changed towards the exim capacity. For an example, cryptic logs are used.
You can see more symbols like <=, =>, ->, *>, **, == etc. So, that it would be easy for you to identify the symbols whenever you get exim maillog practice. Apart from this, abbreviations will keep on changing depending upon the line which has detailed symbols.
Transaction successful:
In some case, the logfile doesn’t start with the numbers. Don’t consider it as default procedure.
Code:
1: 2010-09-13 05:00:13 [1487] 1Ov4tU-0000Nz-Rm H=mailhost.domain.com [208.42.54.2]:51792 I=[67.215.162.175]:25 Warning: "SpamAssassin as theuser detected message as NOT spam (0.0)"
2: 2010-09-13 05:00:13 [1487] 1Ov4tU-0000Nz-Rm <= maillinglist@domain.com H=mailhost.domain.com [208.42.54.2]:51792 I=[67.215.162.175]:25 P=esmtps X=TLSv1:AES256-SHA:256 CV=no S=21778 id=384a86a39e83be0d9b3a94d1feb3119f@domain.com T="Daily Science Maillinglist: Chameleon" from for username@example.com
3: 2010-09-13 05:00:14 [1534] 1Ov4tU-0000Nz-Rm => user F= P= R=virtual_user T=virtual_userdelivery S=21902 QT=6s DT=0s
4: 2010-09-13 05:00:15 [1534] 1Ov4tU-0000Nz-Rm Completed QT=7s
Step 1: Lines will start with time and date. Check the number 1487: There you can see the time and date mentioned clearly. Here internal ID is specified as 1ov4tU-0000Nz-Rm.
From the mainlog, using the internal ID one can take the log line easily. So, internal ID is must.
Step 2: The line at first starts with the word “H=”. Here, you can see the name of the host who sends the mail.
Step 3: The IP address is mentioned and of course! It is the host IP address and port number too described.
Step 4: There is a warning message such as spamassassin believes that this message is not spam.
How about line in second?
Step 1: It starts with the letter I and H and also, Check the symbol <=. This symbol represents that you going to get mail from the server. Next step would be the displaying the email address from which you got the mail.
Step 2: Next to the word I and H, the word P describes protocol. Have you heard about cipher suite? Here X word represents the cipher suite. Moreover, you won’t require X term at all. It’s just for sake.
Step 3: The status of certification verification is displayed in terms of CV. The message size is displayed in S word.
Step 4: The ID for server sending is defined at next step. T is for subject topic and finally, the line is closed with “foruser@example.com”.
What engages in third and fourth line?
Third line is nothing but for exim manual usage. For an exercise, you can parse out the lines one by one below exim manual.
That’s it!