Hi Klaus,
thanks for your answer and sorry for the very late response.
I had allready testet around with swaks which is the best tool for a
mailadmin, but I cannot figure out what goes wrong.
At the moment I have time again to investigate the problem further.
Incoming connection is logged:
2015-10-30 14:37:28 [15605] SMTP connection from [192.168.2.188]:49027
I=[192.168.5.103]:25 (TCP/IP connection count = 1)
2015-10-30 14:37:29 [15695] 1Zs9s0-000459-Eg <= [email protected]
H=net2dhcp039.domain.tld (lollybook.mcs.de) [192.168.2.188]:49027
I=[192.168.5.103]:25 P=esmtp S=578 T="test Fri, 30 Oct 2015 14:38:10
+0100" from <[email protected]> for [email protected]
2015-10-30 14:37:29 [15695] SMTP connection from net2dhcp039.domain.tld
(lollybook.mcs.de) [192.168.2.188]:49027 I=[192.168.5.103]:25 closed by
QUIT
2015-10-30 14:37:29 [15605] SMTP connection from [192.168.12.51]:56326
I=[192.168.5.103]:26 (TCP/IP connection count = 1)
Here should be a => line to the virus scanner rzav1 ...
Incoming connection from the virus scanner piped to spamassassin:
2015-10-30 14:37:29 [15703] 1Zs9s1-00045H-GW <= [email protected]
H=rzav1.domain.tld [192.168.12.51]:56326 I=[192.168.5.103]:26 P=esmtp
S=1168 [email protected] T="test Fri, 30 Oct 2015
14:38:10 +0100" from <[email protected]> for [email protected]
2015-10-30 14:37:29 [15709] cwd=/tmp 4 args: /usr/sbin/exim4 -oMr
spam-scanned=1Zs9s1-00045H-GW -bS
2015-10-30 14:37:29 [15709] SMTP connection from exim
Incoming from the spamassassin pipe
2015-10-30 14:37:29 [15709] 1Zs9s1-00045N-If <= [email protected]
U=exim P=spam-scanned=1Zs9s1-00045H-GW S=1723
[email protected] T="test Fri, 30 Oct 2015 14:38:10
+0100" from <[email protected]> for [email protected]
Delivery to lmtp:
2015-10-30 14:37:29 [15714] cwd=/var/spool/exim 3 args: /usr/sbin/exim4
-Mc 1Zs9s1-00045N-If
2015-10-30 14:37:29 [15714] 1Zs9s1-00045N-If => [email protected]
F=<[email protected]> R=dovecot_lmtp_router T=dovecot_lmtp_transport
S=1834 QT=0s DT=0s
If I exigrep my mail in the log I become:
2015-10-30 14:37:29 [15709] 1Zs9s1-00045N-If <= [email protected]
U=exim P=spam-scanned=1Zs9s1-00045H-GW S=1723
[email protected] T="test Fri, 30 Oct 2015 14:38:10
+0100" from <[email protected]> for [email protected]
2015-10-30 14:37:29 [15714] 1Zs9s1-00045N-If => [email protected]
F=<[email protected]> R=dovecot_lmtp_router T=dovecot_lmtp_transport
S=1834 QT=0s DT=0s
2015-10-30 14:37:29 [15714] 1Zs9s1-00045N-If Completed QT=0s
+++ 1Zs9s0-000459-Eg has not completed +++
2015-10-30 14:37:29 [15695] 1Zs9s0-000459-Eg <= [email protected]
H=net2dhcp039.domain.tld (lollybook.mcs.de) [192.168.2.188]:49027
I=[192.168.5.103]:25 P=esmtp S=578 T="test Fri, 30 Oct 2015 14:38:10
+0100" from <[email protected]> for [email protected]
Whis is OK, because the delivery to the rzav1 is not logged, but not
correct, because it is delivered.
If I look with starting the daemon in debugging mode:
# /usr/sbin/exim4 -bdf -C /etc/exim/exim.conf -d+all 2>&1 | grep -A 1
"LOG: MAIN"
...
14:33:26 15438 LOG: MAIN
14:33:26 15438 <= [email protected] H=net2dhcp039.domain.tld
(lollybook.domain.tld) [192.168.2.188]:48970 I=[192.168.5.103]:25
P=esmtp S=578 T="test Fri, 30 Oct 2015 14:34:07 +0100"
--
14:33:26 15441 LOG: MAIN PANIC
14:33:26 15441 exim user lost privilege for using -C option
--
14:33:26 15441 LOG: MAIN
14:33:26 15441 => [email protected] F=<[email protected]>
R=virusscan_director1 T=virusscan_transport_1 S=664 H=rzav1.domain.tld
[192.168.12.51]:25 C="250 ok: Message 5676932 accepted" QT=1s DT=0s
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
This is the Line which I miss in the real log!
--
14:33:26 15441 LOG: MAIN
14:33:26 15441 Completed QT=1s
--
14:33:26 15445 LOG: MAIN
14:33:26 15445 <= [email protected] H=rzav1.domain.tld
[192.168.12.51]:5868 I=[192.168.5.103]:26 P=esmtp S=1167
[email protected] T="test Fri, 30 Oct 2015 14:34:07
+0100"
--
14:33:26 15447 LOG: MAIN PANIC
14:33:26 15447 exim user lost privilege for using -C option
--
14:33:26 15447 LOG: MAIN
14:33:26 15447 => [email protected] F=<[email protected]>
R=spamchecker T=spamassassin S=1573 QT=0s DT=0s
--
14:33:26 15447 LOG: MAIN
14:33:26 15447 Completed QT=0s
Any ideas how to debug logging issues?
Thanks for your time,
Lars
Am 2015-09-05 10:28, schrieb Klaus Ethgen:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Hi Lars,
Am Fr den 4. Sep 2015 um 14:55 schrieb Lars Timmann:
So this problem occurs only when the message is received via tcp.
Any ideas how to debug it?
Try swaks (apt-get install swaks) and see if you can reproduce the
problem yourself.
Regards
Klaus
- --
Klaus Ethgen http://www.ethgen.ch/
pub 4096R/4E20AF1C 2011-05-16 Klaus Ethgen <[email protected]>
Fingerprint: 85D4 CA42 952C 949B 1753 62B3 79D0 B06F 4E20 AF1C
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQGcBAEBCgAGBQJV6qedAAoJEKZ8CrGAGfasVb0L/jZCBsTzcuCdGWSYzi0HL0eT
hTVOOgLlWbUU9112UNrww8kya4qOxiIaDRk3OZ5lq2X5G/usosYxFGtrKxGbhG9k
6KA1uDGxRPby2NvNxRpxPHS5CfZYwA+fYt+RHgmimfz+BNa1FL7+/L844YHU0iYL
uEtRPRGnLTLOwx7N15u8vH5Y7nUukBAbIWnAG73bMGaP9SHXCQ7qdrbuxMZpAicL
yGw6qNGnCiI/onqtG7mAsPwUD2oVKMy1AzUInUfGSIl51b1b2/z1nJjbuqDUvSxo
9KC5Vi05y9raP4Y9AKW0GNS+mV3JwugSsmjZZ3SikPxBFmFJeqrwU0OLoKoxAPPy
cD2TAlHB+TBzUIG94T8J00CeFxKEIsm2Znu4e8+tVqQsagUROJ7i6oqO0Hcn8nd6
HukdU5tJDRj6xRQUGrLQI3m03vv3utHqpOX96tO9qi8m7TIiyZh/mwqu40FK2oev
RE0BMI78768UVcLZ2N81bQzqGlH/ZoMWVcsUtxBxzg==
=ljd+
-----END PGP SIGNATURE-----
--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
