Strange log entries in exim main log

A

alexjohn

Verified User
Joined
Sep 1, 2017
Messages
42
Hi, can anyone please advise what these entries mean in the exim logs? Not had much luck googling!

2021-03-05 06:18:54 TLS error on connection from [46.101.36.45] SSL_accept: TCP connection closed by peer
2021-03-05 06:18:54 H=([127.0.0.1]) [46.101.36.45] sender verify fail for <noreply-piwpy@[redact hostname]>: Unrouteable address
2021-03-05 06:18:54 H=([127.0.0.1]) [46.101.36.45] X=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256 CV=no F=<noreply-piwpy@redact hostname]> rejected RCPT <[email protected]>: Sender verify failed
2021-03-05 06:18:54 H=([127.0.0.1]) [46.101.36.45] incomplete transaction (RSET) from <noreply-piwpy@redact hostname]


2021-03-05 08:03:48 H=([redact domain1]) [109.108.128.41] sender verify fail for <email@[redact domain1]>: Unrouteable address
2021-03-05 08:03:48 H=([redact domain1]) [109.108.128.41] X=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256 CV=no F=<email@[redact domain1]> rejected RCPT <email@[redact domain2]>: Sender verify failed
2021-03-05 08:03:48 H=([redact domain1]) [109.108.128.41] incomplete transaction (QUIT) from <email@[redact domain1]>
 
This one I've been meaning to look into more as I don't think it's working in the way that I'd like it to, but here's my initial understanding prior to diving in deeper:

In this case the redacted domain 1 is in /etc/virtual/domains and the name given prior to the @ isn't found in /etc/virtual/redacted1/passwd.

So, for example, let's say on your server you have two domains: domainone.com and domaintwo.com. On domainone.com you have created [email protected] and [email protected]. On domaintwo.com you have created [email protected]. Now, some other server just sent an email TO [email protected], claiming to be sending FROM [email protected]. Your server is saying "Hey I host domainone.com. Do we have an Alice here? I only see an Alex and a Phil. Who is Alice?" And in turn, that error becomes "Sender verify failed."
 
If you were it’s all good. IT issues can put everyone on edge.

In a past life I was an ER Nurse so I understand real emergencies are...
 
mxroute said:
This one I've been meaning to look into more as I don't think it's working in the way that I'd like it to, but here's my initial understanding prior to diving in deeper:

In this case the redacted domain 1 is in /etc/virtual/domains and the name given prior to the @ isn't found in /etc/virtual/redacted1/passwd.

So, for example, let's say on your server you have two domains: domainone.com and domaintwo.com. On domainone.com you have created [email protected] and [email protected]. On domaintwo.com you have created [email protected]. Now, some other server just sent an email TO [email protected], claiming to be sending FROM [email protected]. Your server is saying "Hey I host domainone.com. Do we have an Alice here? I only see an Alex and a Phil. Who is Alice?" And in turn, that error becomes "Sender verify failed."
Click to expand...

Very helpful, thank you very much
 
bdacus01 said:
If you were it’s all good. IT issues can put everyone on edge.

In a past life I was an ER Nurse so I understand real emergencies are...
Click to expand...

That is kind :) And I applaud your efforts, both in your previous occupation, and this, keep safe friend.
 
bdacus01 said:
I do try. Sometimes I come across crass. I guess it because I am American.

In general I believe we are all here to help each other.
Click to expand...
Hah! Well, I'm British, so we're aloof and emotionless. We'll get on well.
 
You must log in or register to reply here.
Back
Top