Extended Exim Logging
Posted on October 25th, 2018
Extended Exim Logging
Exim is a mail transfer agent (MTA) used on Linux based system and which is free software distributed under the GNU General Public License. Most cPanel’s are comes with exim as default and it is very easy to use. Exim is very flexible in the way of mail can be routed, and also there are extensive facilities for checking incoming mails on a server.
Here in this tutorial, I will discuss the steps for how do we add more information to the exim logs, this will definitely help us to troubleshoot email related issues. For implementing this you would need root SSH access to your server there. These steps will add more logging information to the exim_mainlog file, so you can determine where messages are coming from, who’s sending the message and from what directory on your server, etc.
For an example:
2003-06-27 14:06:18 cwd=/home/usersite/public_html/forums 3 args: /usr/sbin/sendmail -t -i
2003-06-27 14:06:18 19W0QE-0001Nr-1b [email protected] from env-from rewritten as “”usersite.com” <[email protected]>” by rule 1
The error log entry tells that where the message is coming from, who it sent it from your server, and also the user and the path it was called from, etc.
Likewise, the following log entry shows that the incoming mail is arrived with the subject line, which is very helpful in determining as spam.
19W0bO-0001cY-Ej <= [email protected] H=(one) [xxx.xxx.xxx.xx]:52087 I=[xx.xxx.xx.xxx]:25 P=smtp S=2387 T=”Newsreaders? OH GOD!” from [email protected]
Let’s see the steps to implement this in your server, for this login to your server as root user via SSH.
1) Once you have logged in to your server, open exim.conf file and search for this line “hostlist auth_relay_hosts”. After this add the following entries on your exim configuration file (/etc/exim.conf):
log_selector =
+address_rewrite
+all_parents
+arguments
+connection_reject
+delay_delivery
+delivery_size
+dnslist_defer
+incoming_interface
+incoming_port
+lost_incoming_connection
+queue_run
+received_sender
+received_recipients
+retry_defer
+sender_on_delivery
+size_reject
+skip_delivery
+smtp_confirmation
+smtp_connection
+smtp_protocol_error
+smtp_syntax_error
+subject
+tls_cipher
+tls_peerdn
2) The final result should look like as follows:
hostlist auth_relay_hosts = *
log_selector =
+address_rewrite
+all_parents
+arguments
+connection_reject
+delay_delivery
+delivery_size
+dnslist_defer
+incoming_interface
+incoming_port
+lost_incoming_connection
+queue_run
+received_sender
+received_recipients
+retry_defer
+sender_on_delivery
+size_reject
+skip_delivery
+smtp_confirmation
+smtp_connection
+smtp_protocol_error
+smtp_syntax_error
+subject
+tls_cipher
+tls_peerdn
3) Save the file and restart Exim on your server.
service exim restart
Now see your exim main log file and you should see the latest log with more details/information on it.
If you need any further assistance please contact our support department.