Debug your mail server using exigrep for Exim main log
Debug email using exigrep
Ok, but what happens if the previous checks turn up that are ok? Mails should be sent right? Well not exactly, there could be a numbers of reasons why it would fail, in most cases this happens to be a blacklist that has our server IP. On a cpanel server used for shared hosting services, this is pretty much the case, but of course, not always a blacklist has occurred.
How do we know this? Well most of the email providers (gmail.com, yahoo.com, aol.com, live.com etc.) will provide the information needed stating the error back the moment we try to relay the message to them. This error message would then be logged in our own mail server log. However it is really a big big hassle to stay and monitor your main log file to see what is the issue, so if we have a test case, we can search directly on the main log to see what has happen.
So for instance, lets say we have the bellow email to where we don’t know why it fails to receive our emails:
- a@a.com
Its an example again of course, so now we want to use exigrep to locate the email address in our main log where this email was present:
|
1 |
exigrep a@a.com /var/log/exim_mainlog |
A bit of explanation:
- the email a@a.com comes first right after the commad exigrep. This is the actual email we want to search in our log
- next is the location to our mail log, which you can see I’ve set it to /var/log/exim_mainlog
The output of the above will be similar to:
|
1 2 3 4 |
2013-10-10 15:38:22 1MJDCT-0034XO-T6 <= user@foo1.server.com U=user P=local S=6904 id=34131bd0b5dfe3f4fa64de1cd62928d8@domain.net T="[Some funny title here] Please moderate: \"" for a@a.com 2013-10-10 15:38:22 1MJDCT-0034XO-T6 SMTP connection outbound 1381408702 1MJDCT-0034XO-T6 domain.net a@a.com 2013-10-10 15:38:22 1MJDCT-0034XO-T6 ** a@a.com R=fail_remote_domains: The mail server could not deliver mail to a@a.com. The account or domain may not exist, they may be blacklisted, or missing the proper dns entries. 2013-10-10 15:38:23 1MJDCT-0034XO-T6 Completed |
So we have here in the above example a failed message, the response we get back on this is flagged to fail_remote_domains, meaning something wrong with the email server of the domain name. The message there is really just an example to help us debug this, the issue could be one of:
- account does not exist or domain does not exist
- wrong DNS records set on your domain
- the remote mail server may be blacklisted
The last one would only be valid if you set your own server to not send emails to such servers, in my case here that options is dropped as I don’t do that, I’m sending it there even if the mail server is blacklisted (it really is their problem, they can receive emails, but will have issues sending).
In the above case is most likely one of the first two, either the domain is invalid, or the DNS records are incorrect. Doing a simple DIG test on a.com will result in a wrong domain / DNS records meaning we can’t do anything unless the domain name is working.
Similar to how I debugged the above issue is with almost any other error message, you will find probably redirect or local failure, but you will get some piece of information where to look and how to fix the issue.
That would be all for now, will see you again in our next article, cheers and don’t forget to subscribe and comment if you find something missing.
Pages: 1 2
