Tracking Down Application Sending Mail In CentOS 7
I am running CentOS 7 on a server where I have only recently installed postfix. Postfix is configured to only send outgoing mail via an external relay server and test mails created on my server are indeed delivered via this external server.
However, I must have some other application on the server generating mails where the recipient’s address is incorrect resulting in being rejected by the external relay server.
Viewing /var/log/maillog I get some information but cannot see which application generated that e-mail, nor the content of it which would likely allow me to see where it comes from.
Can anyone suggest how to track down the app so I can reconfigure the mail address?
Thanks.
6 thoughts on - Tracking Down Application Sending Mail In CentOS 7
And the relevant line(s) in /var/log/maillog are….
–Hold all delivery so you can examine the mystery message in the queue. I
found this article on how to hold mail with Postfix:
<https://serverfault.com/questions/92981/how-do-i-temporarily-suspend-mail-delivery-to-a-specific-domain-non-local-with>
This requires creating the file /etc/postfix/hold with a static hold rule and “compiling” it with the postmap command. Add a line to main.cf to use the new map.
Here is an example line:
Jun 25 03:25:40 CentOS7 postfix/smtp[59252]: 6AB952C03793A: to=, relay=smtp.1and1.com[74.208.5.2]:587, delay=1.4, delays=0/0.02/1.2/0.23, dsn=5.0.0, status=bounced (host SMTP.1and1.com[74.208.5.2] said: 550-Requested action not taken: mailbox unavailable 550 invalid DNS MX or A/AAAA resource record (in reply to RCPT TO command))
aaa.bbb.ccc above is a filler for the incorrect address, in fact a malformed address on the server itself that I need to track down, and, as I understand it, the reason SMTP.1and1.com kicks it away.
There are plenty of messages, basically every few minutes, see the e-mail I just posted.
You can check the pickup log line to see which user sends the mail. There are multiple programs sending mail so you may have to look into the mails content to learn where the mail comes from.
Simon
–Open a couple shell windows. Run top in one and “tail -f /var/log/messages”
in the other and watch for a program to jump to the top of the process list when that message shows up in the log.