Where do I look for errors?
hvdkooij at vanderkooij.org
hvdkooij at vanderkooij.org
Tue Oct 9 10:49:47 IST 2007
Jason Gottschalk wrote:
> Hello MailScanner,
>
> I have a user that gets "Deferred: Connection Refused by
> staffcos.com" when they send mail to one of the addresses at that
> domain, they can send to other addresses without any problems.
>
> I have looked at all the log files I can find, I see no evidence
> the message in question ever made it to our server. Mailscanner show
> no record of it. But if I go to the sender's PC and send the message
> myself, the error certainly comes back.
>
> First a warning after four hours, then a failure at 5 hours.
>
> Is there a log file I might be missing? I've looked at maillog,
> exim_mainlog, exim_paniclog and exim_rejectlog.
Forget log files. Use tcpdump and track SMTP sessions. You know which
SMTP server you expect to deliver the message. So you can filter
accordingly.
Even just filtering ALL SMTP traffic for a minute or 2 when you fire a
message should tell you if the message even comes close to your server
or not.
And check DNS info on the sending server. It might not be what you expect.
Hugo.
--
hvdkooij at vanderkooij.org http://hugo.vanderkooij.org/
Don't meddle in the affairs of sysadmins,
for they are subtle and quick to anger.
More information about the MailScanner
mailing list