troubleshooting Question

Exim log questions

Avatar of Frosty555
Frosty555Flag for Canada asked on
LinuxLinux SecurityEmail Servers
5 Comments1 Solution960 ViewsLast Modified:
I'm trying to figure out some spam issues we are having with our server (emails we send out are getting rejected as spam). I have a few questions regarding what I'm seeing in the logs.

For argument sake, our server's IP is "123.123.123.123".


Example 1

2012-05-22 02:33:21 H=(123.123.123.123) [117.194.210.132] rejected MAIL <somebody@asdfasdf.be>: Access denied - Invalid HELO name (See RFC2821 4.1.3)

Does this mean that my server rejected INCOMING mail from 117.194.210.132 because THEY had an invalid HELO name? Or does it mean that 117.194.210.132 rejected OUTGOING mail from my server because MY server has an invalid HELO name?

Example 2

2012-05-22 08:45:20 H=(smtp.lanxxxxxxuys.com) [50.xxx.127.244] Warning: "Increment Connection Ratelimit - (smtp.laxxxxxxxuys.com) [50.xxx.127.244] because of RBL match"
2012-05-22 08:45:20 H=(smtp.lanxxxxxxxs.com) [50.xxx.127.244] F=<wizstar@laxxxxxxxuys.com> rejected RCPT <xxx@torxxxxxxa.com>: "JunkMail rejected - (smtp.landbxxxxuys.com) [50.xxx.127.244] is in an RBL, see http://www.spamhaus.org/sbl/query/SBLCSS"

Does this mean that my server saw incoming mail from 50.123.127.244 and then ratelimited, and then rejected it due to THEM being on a blacklist?  Or does this mean that my server tried to SEND mail to 50.123.127.244 and WE were ratelimited and then rejected for being on a blacklist?


Additionally...

Is there any straightforward way to search the logs for errors related to outbound emails that are bouncing back due to spam? Is there something I can GREP for?

I'm looking at /var/log/exim_mainlog. Is there somewhere else I should be looking too? Or something in cPanel WHM I can use to help make this process easier?
ASKER CERTIFIED SOLUTION
Join our community to see this answer!
Unlock 1 Answer and 5 Comments.
Start Free Trial
Learn from the best

Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.

Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 1 Answer and 5 Comments.
Try for 7 days

”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.

-Mike Kapnisakis, Warner Bros