unknown user

LawsHosting

LawsHosting

Verified User
Joined
Sep 13, 2008
Messages
2,404
Location
London UK
Can I ask a question. If someone has an external forwarder, are emails that are sent to that forwarder recorded as the unknown user?...

in uknown.bytes I see
108235=type=email&email=&method=outgoing&id=1XTUwp-0006cz-61&authenticated_id=&sender_host_address=&log_time=1410787914&message_size=108235&local_part=order&domain=zodiacsalespromotions.co.uk&path=/usr/local/directadmin
108213=type=email&email=&method=outgoing&id=1XTUxL-0006fC-Ha&authenticated_id=&sender_host_address=&log_time=1410787914&message_size=108213&local_part=order&domain=zodiacsalespromotions.co.uk&path=/usr/local/directadmin
108232=type=email&email=&method=outgoing&id=1XTUx4-0006f0-Tg&authenticated_id=&sender_host_address=&log_time=1410787914&message_size=108232&local_part=order&domain=zodiacsalespromotions.co.uk&path=/usr/local/directadmin
108714=type=email&email=&method=outgoing&id=1XTW9z-0008KK-BP&authenticated_id=&sender_host_address=&log_time=1410787914&message_size=108714&local_part=order&domain=zodiacsalespromotions.co.uk&path=/usr/local/directadmin
Click to expand...
Which leads me to believe the email isnt being sent by an account by the server, hence the path part? The path is normally the /home/<user> path if it is sent by a php file or exim, correct?

I'm getting complaints about their forwarder being spammed, so they're blaming me.

(This is why I hate allowing forwarders)
 
Hello,

The lines posted above show outgoing emails sent from directadmin as it seems to be. If an email is sent by a php script then path should show you it's location.

Did you try to check exim logs for more details?

Code: 
exigrep <ANY_SEARCH_STRING_HERE> /var/log/exim/mainlog

You may use Message-ID or email-address as a search patern. Note to change /var/log/exim/mainlog to rotated log if you need to find lines from a past.
 
Here's some:

+++ 1XTTGn-0004Uq-8T has not completed +++
2014-09-15 11:12:29 1XTTGn-0004Uq-8T <= <> R=1XTTGl-0004Ug-3d U=mail P=local S=108223 T="Mail delivery failed: returning message to sender" from <> for [email protected]
2014-09-15 18:31:37 1XTTGn-0004Uq-8T ** [email protected] F=<>: all relevant MX records point to non-existent hosts
2014-09-15 18:31:37 1XTTGn-0004Uq-8T Frozen (delivery error message)

+++ 1XTUnJ-0006SH-Sn has not completed +++
2014-09-15 12:50:10 1XTUnJ-0006SH-Sn <= <> R=1XTUnE-0006S7-Vu U=mail P=local S=108196 T="Mail delivery failed: returning message to sender" from <> for [email protected]
2014-09-15 18:31:37 1XTUnJ-0006SH-Sn ** [email protected] F=<>: all relevant MX records point to non-existent hosts
2014-09-15 18:31:37 1XTUnJ-0006SH-Sn Frozen (delivery error message)
Click to expand...
So, it seems that bounces are being forwarded to clients forwarders?
 
Last edited:
You must log in or register to reply here.
Back
Top