On Thu, 2016-05-19 at 07:16 +0000, Kai Risku wrote:
> 2016-04-18 20:34:58 1asD4c-0002xi-2T <= xxx@xxx U=root P=spam-scanned
> S=33688 id=20160418203458-gktif3jm2yzc@xxx T="xxx" from <xxx@xxx> for
> xxx@xxx
> 2016-04-18 20:36:16 1asD4c-0002xi-2T Completed
My list of Exim log parameters, and it may attract some criticism from
some, is
log_selector = +address_rewrite \
+all_parents \
+arguments \
+deliver_time \
+delivery_size \
+incoming_interface \
+incoming_port \
+outgoing_port \
-queue_run \
+queue_time \
+queue_time_overall \
+received_recipients \
+received_sender \
+return_path_on_delivery \
+sender_on_delivery \
+smtp_confirmation \
+smtp_connection \
+smtp_incomplete_transaction \
+smtp_protocol_error \
+smtp_syntax_error \
+subject \
+tls_certificate_verified \
+tls_peerdn \
+unknown_in_list
In my Exim logs I have things like these (without the number in round
brackets)
(1) 2016-05-19 22:02:58 +0100 SMTP connection from
[72.xxx.xxx.xxx]:55028 I=[95.xxx.xxx.xxx]:25 (TCP/IP connection count =
1)
(2) 2016-05-19 22:02:59 +0100 1b3V5v-0007Sh-C2 ++ centos@??? :
centos-bounces@??? : Thu, 19 May 2016 15:02:45 -0600 : Re:
[CentOS] devtoolset-4
(3) 2016-05-19 22:02:59 +0100 1b3V5v-0007Sh-C2 <=
centos-bounces@??? H=mail.centos.org [72.xxx.xxx.xxx]:55028
I=[95.xxx.xxx.xxx]:25 P=esmtps X=TLSv1:AES256-SHA:256 CV=no S=4853
id=1217A558-3375-4A99-AC56-53211F58E06A@??? T="Re: [CentOS]
devtoolset-4" from <centos-bounces@???> for centos@???
(4) 2016-05-19 22:02:59 +0100 cwd=/var/spool/exim 3 args: /usr/sbin/exim
-Mc 1b3V5v-0007Sh-C2
(5) 2016-05-19 22:02:59 +0100 SMTP connection from mail.centos.org
[72.xxx.xxx.xxx]:55028 I=[95.xxx.xxx.xxx]:25 closed by QUIT
(6) 2016-05-19 22:02:59 +0100 1b3V5v-0007Sh-C2 => centos@???
F=<centos-bounces@???> P=<centos-bounces@???> R=m6a
T=remote_smtp S=4946 H=aaa.aaa.net [81.xxx.xxx.xxx]:25
X=TLSv1:AES256-SHA:256 CV=no DN="/C=EU/ST=European
Union/L=EU/O=bbbbbb/OU=ccccccc/CN=aaa.aaa.net/emailAddress=dddddd@???" C="250 OK id=1b3V5v-0002Cs-Np" QT=0s DT=0s
2016-05-19 22:02:59 +0100 1b3V5v-0007Sh-C2 Completed QT=0s
My understanding of Exim is:
in (3) <= means incoming
in (6) => means outgoing, to another mail server (MTA, also Exim)
To simplify and assist the infrequent exploration of Exim log files,
current and archived, I wrote a simple PHP programme (with a search and
display facility) which runs on Apache. I can, virtually instantly, find
anything extremely fast with only cut-and-paste effort.
Grep-ing is not the ideal choice for any production environment but a
useful substitute for lack of proper support systems.
--
Regards,
Paul.
England, EU. England's place is in the European Union.
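
Added example (not part of the original post, and not the PHP programme it mentions): a small Python parser for main-log lines in the format shown above, grouping events by message id, reading `<=` as arrival and `=>` as delivery, and picking out TLS sessions logged with CV=no. The sample lines are constructed, using example.org names and documentation IP addresses, and the function names are hypothetical.

```python
import re
from collections import defaultdict

# Timestamp, optional zone offset, message id in the 6-6-2 form seen above, then the rest.
LINE = re.compile(
    r'^(?P<ts>\d{4}-\d\d-\d\d \d\d:\d\d:\d\d)(?: [+-]\d{4})? '
    r'(?P<id>[0-9A-Za-z]{6}-[0-9A-Za-z]{6}-[0-9A-Za-z]{2}) (?P<rest>.*)$')
# KEY=value fields; values may be double-quoted and contain spaces (T=, DN=, C=).
FIELD = re.compile(r'\b([A-Z]{1,2})=("(?:[^"\\]|\\.)*"|\S+)')
FLAGS = {'<=': 'arrival', '=>': 'delivery', '->': 'extra_delivery',
         '**': 'failed', '==': 'deferred'}

# Constructed sample lines modelled on the log excerpt in the post.
SAMPLE = [
    '2016-05-19 22:02:58 +0100 SMTP connection from [192.0.2.10]:55028 I=[198.51.100.5]:25 (TCP/IP connection count = 1)',
    '2016-05-19 22:02:59 +0100 1b3V5v-0007Sh-C2 <= bounces@example.org H=mail.example.org [192.0.2.10]:55028 I=[198.51.100.5]:25 P=esmtps X=TLSv1:AES256-SHA:256 CV=no S=4853 id=abc@example.org T="Re: [list] topic" from <bounces@example.org> for user@example.net',
    '2016-05-19 22:02:59 +0100 cwd=/var/spool/exim 3 args: /usr/sbin/exim -Mc 1b3V5v-0007Sh-C2',
    '2016-05-19 22:02:59 +0100 1b3V5v-0007Sh-C2 => user@example.net F=<bounces@example.org> P=<bounces@example.org> R=m6a T=remote_smtp S=4946 H=mx.example.net [203.0.113.7]:25 X=TLSv1:AES256-SHA:256 CV=no DN="/C=EU/CN=mx.example.net" C="250 OK id=1b3V5v-0002Cs-Np" QT=0s DT=0s',
    '2016-05-19 22:02:59 +0100 1b3V5v-0007Sh-C2 Completed QT=0s',
]

def parse_line(line):
    """Return a dict for a message-related line, or None for any other line."""
    m = LINE.match(line)
    if not m:
        return None  # connection lines, cwd=... lines and the like carry no message id
    rest = m['rest']
    if rest.startswith('Completed'):
        kind, addr = 'completed', None
    elif rest[:2] in FLAGS:
        kind, addr = FLAGS[rest[:2]], rest[3:].split(' ', 1)[0]
    else:
        return None
    # P= and T= differ by line type: protocol and subject on <=, return path and transport on =>.
    fields = {k: v.strip('"') for k, v in FIELD.findall(rest)}
    return {'ts': m['ts'], 'id': m['id'], 'kind': kind, 'addr': addr, 'fields': fields}

def by_message(lines):
    """Group parsed events under their message id, in log order."""
    msgs = defaultdict(list)
    for line in lines:
        ev = parse_line(line)
        if ev:
            msgs[ev['id']].append(ev)
    return dict(msgs)

def unverified_tls(events):
    """Events where TLS was negotiated (X=) but the peer certificate was not verified."""
    return [e for e in events if 'X' in e['fields'] and e['fields'].get('CV') == 'no']
```

The CV= field is only logged when +tls_certificate_verified is in log_selector, as it is in the list above, so without that selector unverified_tls() returns nothing.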