Re: [exim] Problem with logging of the delivery under Ubuntu

Author: Lars Timmann
Date:  
To: Klaus Ethgen
CC: exim-users
Old-Topics: Re: [exim] Problem with logging of the delivery under Ubuntu
Subject: Re: [exim] Problem with logging of the delivery under Ubuntu
Hi Klaus,
thanks for your answer and sorry for the very late response.

I had already tested around with swaks, which is the best tool for a
mail admin, but I cannot figure out what goes wrong.
At the moment I have time again to investigate the problem further.

Incoming connection is logged:
2015-10-30 14:37:28 [15605] SMTP connection from [192.168.2.188]:49027
I=[192.168.5.103]:25 (TCP/IP connection count = 1)
2015-10-30 14:37:29 [15695] 1Zs9s0-000459-Eg <= lollypop@???
H=net2dhcp039.domain.tld (lollybook.mcs.de) [192.168.2.188]:49027
I=[192.168.5.103]:25 P=esmtp S=578 T="test Fri, 30 Oct 2015 14:38:10
+0100" from <lollypop@???> for lollypop@???
2015-10-30 14:37:29 [15695] SMTP connection from net2dhcp039.domain.tld
(lollybook.mcs.de) [192.168.2.188]:49027 I=[192.168.5.103]:25 closed by
QUIT
2015-10-30 14:37:29 [15605] SMTP connection from [192.168.12.51]:56326
I=[192.168.5.103]:26 (TCP/IP connection count = 1)

Here should be a => line to the virus scanner rzav1 ...

Incoming connection from the virus scanner piped to spamassassin:
2015-10-30 14:37:29 [15703] 1Zs9s1-00045H-GW <= lollypop@???
H=rzav1.domain.tld [192.168.12.51]:56326 I=[192.168.5.103]:26 P=esmtp
S=1168 id=dc4415$5d7s6@??? T="test Fri, 30 Oct 2015
14:38:10 +0100" from <lollypop@???> for lollypop@???
2015-10-30 14:37:29 [15709] cwd=/tmp 4 args: /usr/sbin/exim4 -oMr
spam-scanned=1Zs9s1-00045H-GW -bS
2015-10-30 14:37:29 [15709] SMTP connection from exim

Incoming from the spamassassin pipe
2015-10-30 14:37:29 [15709] 1Zs9s1-00045N-If <= lollypop@???
U=exim P=spam-scanned=1Zs9s1-00045H-GW S=1723
id=dc4415$5d7s6@??? T="test Fri, 30 Oct 2015 14:38:10
+0100" from <lollypop@???> for lollypop@???

Delivery to lmtp:
2015-10-30 14:37:29 [15714] cwd=/var/spool/exim 3 args: /usr/sbin/exim4
-Mc 1Zs9s1-00045N-If
2015-10-30 14:37:29 [15714] 1Zs9s1-00045N-If => lollypop@???
F=<lollypop@???> R=dovecot_lmtp_router T=dovecot_lmtp_transport
S=1834 QT=0s DT=0s


If I exigrep my mail in the log I get:
2015-10-30 14:37:29 [15709] 1Zs9s1-00045N-If <= lollypop@???
U=exim P=spam-scanned=1Zs9s1-00045H-GW S=1723
id=dc4415$5d7s6@??? T="test Fri, 30 Oct 2015 14:38:10
+0100" from <lollypop@???> for lollypop@???
2015-10-30 14:37:29 [15714] 1Zs9s1-00045N-If => lollypop@???
F=<lollypop@???> R=dovecot_lmtp_router T=dovecot_lmtp_transport
S=1834 QT=0s DT=0s
2015-10-30 14:37:29 [15714] 1Zs9s1-00045N-If Completed QT=0s

+++ 1Zs9s0-000459-Eg has not completed +++
2015-10-30 14:37:29 [15695] 1Zs9s0-000459-Eg <= lollypop@???
H=net2dhcp039.domain.tld (lollybook.mcs.de) [192.168.2.188]:49027
I=[192.168.5.103]:25 P=esmtp S=578 T="test Fri, 30 Oct 2015 14:38:10
+0100" from <lollypop@???> for lollypop@???

Which is OK, because the delivery to the rzav1 is not logged, but not
correct, because it is delivered.

If I look by starting the daemon in debugging mode:
# /usr/sbin/exim4 -bdf -C /etc/exim/exim.conf -d+all 2>&1 | grep -A 1 "LOG: MAIN"
...
14:33:26 15438 LOG: MAIN
14:33:26 15438 <= lollypop@??? H=net2dhcp039.domain.tld
(lollybook.domain.tld) [192.168.2.188]:48970 I=[192.168.5.103]:25
P=esmtp S=578 T="test Fri, 30 Oct 2015 14:34:07 +0100"
--
14:33:26 15441 LOG: MAIN PANIC
14:33:26 15441 exim user lost privilege for using -C option
--
14:33:26 15441 LOG: MAIN
14:33:26 15441 => lollypop@??? F=<lollypop@???>
R=virusscan_director1 T=virusscan_transport_1 S=664 H=rzav1.domain.tld
[192.168.12.51]:25 C="250 ok: Message 5676932 accepted" QT=1s DT=0s
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
This is the line which I am missing in the real log!

--
14:33:26 15441 LOG: MAIN
14:33:26 15441 Completed QT=1s
--
14:33:26 15445 LOG: MAIN
14:33:26 15445 <= lollypop@??? H=rzav1.domain.tld
[192.168.12.51]:5868 I=[192.168.5.103]:26 P=esmtp S=1167
id=dc4415$5d7s4@??? T="test Fri, 30 Oct 2015 14:34:07
+0100"
--
14:33:26 15447 LOG: MAIN PANIC
14:33:26 15447 exim user lost privilege for using -C option
--
14:33:26 15447 LOG: MAIN
14:33:26 15447 => lollypop@??? F=<lollypop@???>
R=spamchecker T=spamassassin S=1573 QT=0s DT=0s
--
14:33:26 15447 LOG: MAIN
14:33:26 15447 Completed QT=0s

Any ideas how to debug logging issues?

Thanks for your time,
    Lars


On 2015-09-05 10:28, Klaus Ethgen wrote:
>
> Hi Lars,
>
> On Fri, 4 Sep 2015 at 14:55, Lars Timmann wrote:
>> So this problem occurs only when the message is received via tcp.
>>
>> Any ideas how to debug it?
>
> Try swaks (apt-get install swaks) and see if you can reproduce the
> problem yourself.
>
> Regards
>    Klaus
> - --
> Klaus Ethgen                              http://www.ethgen.ch/
> pub  4096R/4E20AF1C 2011-05-16   Klaus Ethgen <Klaus@???>
> Fingerprint: 85D4 CA42 952C 949B 1753  62B3 79D0 B06F 4E20 AF1C

>
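
An added example, not part of the original message or of Exim: a small audit of an Exim main log that lists messages with an arrival (`<=`) line but no `Completed` line, and marks those for which an onward copy was nevertheless received. It assumes the `T=` subject field shown in the post's log is enabled and that re-injected mail carries the `P=spam-scanned=<id>` tag the post's setup passes with `-oMr`; matching on subject is a heuristic, and the sample log is constructed with placeholder hosts and addresses.

```python
import re
from collections import OrderedDict

# Constructed sample modelled on the post's log format (pid and subject logged).
SAMPLE_LOG = """\
2015-10-30 14:37:28 [15605] SMTP connection from [192.0.2.188]:49027 I=[192.0.2.103]:25 (TCP/IP connection count = 1)
2015-10-30 14:37:29 [15695] 1Zs9s0-000459-Eg <= user@example.test H=client.example.test [192.0.2.188]:49027 P=esmtp S=578 T="test Fri, 30 Oct 2015 14:38:10 +0100" for user@example.test
2015-10-30 14:37:29 [15703] 1Zs9s1-00045H-GW <= user@example.test H=scanner.example.test [192.0.2.51]:56326 P=esmtp S=1168 T="test Fri, 30 Oct 2015 14:38:10 +0100" for user@example.test
2015-10-30 14:37:29 [15709] 1Zs9s1-00045N-If <= user@example.test U=exim P=spam-scanned=1Zs9s1-00045H-GW S=1723 T="test Fri, 30 Oct 2015 14:38:10 +0100" for user@example.test
2015-10-30 14:37:29 [15714] 1Zs9s1-00045N-If => user@example.test R=dovecot_lmtp_router T=dovecot_lmtp_transport S=1834 QT=0s DT=0s
2015-10-30 14:37:29 [15714] 1Zs9s1-00045N-If Completed QT=0s
2015-10-30 14:40:02 [15800] 1Zs9uT-00047B-2x <= other@example.test H=client.example.test [192.0.2.188]:49101 P=esmtp S=400 T="unrelated" for user@example.test
"""

# date, time, optional [pid], message id (the 6-6-2 form seen in the post), flag, rest
LINE = re.compile(r'^\S+ \S+ (?:\[\d+\] )?'
                  r'([0-9A-Za-z]{6}-[0-9A-Za-z]{6}-[0-9A-Za-z]{2}) (\S+)(.*)$')
SUBJECT = re.compile(r' T="((?:[^"\\]|\\.)*)"')   # quoted subject on <= lines
PARENT = re.compile(r' P=spam-scanned=(\S+)')     # tag set via -oMr in the post

def audit(log_text):
    """Return (id, verdict, onward_ids) for every arrival without 'Completed'."""
    msgs = OrderedDict()
    for line in log_text.splitlines():
        m = LINE.match(line)
        if not m:
            continue                      # connection lines, cwd= lines, etc.
        mid, flag, rest = m.groups()
        rec = msgs.setdefault(mid, {"arrived": False, "completed": False,
                                    "subject": None, "parent": None})
        if flag == "<=":
            rec["arrived"] = True
            s, p = SUBJECT.search(rest), PARENT.search(rest)
            rec["subject"] = s.group(1) if s else None
            rec["parent"] = p.group(1) if p else None
        elif flag == "Completed":
            rec["completed"] = True
    ids, findings = list(msgs), []
    for i, mid in enumerate(ids):
        rec = msgs[mid]
        if not rec["arrived"] or rec["completed"]:
            continue
        # Onward copy: names this id as parent, or (heuristic) has the same subject.
        onward = [o for o in ids[i + 1:] if msgs[o]["arrived"] and
                  (msgs[o]["parent"] == mid or
                   (rec["subject"] and msgs[o]["subject"] == rec["subject"]))]
        verdict = "delivery not logged" if onward else "no onward copy seen"
        findings.append((mid, verdict, onward))
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_LOG):
        print(finding)
```
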