Re: tracking local mail generators

From: Victor Duchovni (Victor.DuchovniMorganStanley.com)
Date: Fri Dec 01 2006 - 15:44:18 CST


On Fri, Dec 01, 2006 at 10:34:38PM +0100, Tomasz Grobelny wrote:

> On Friday, 1 December 2006 22:26, Ralf Hildebrandt wrote:
> > * Tomasz Grobelny <tomaszgrobelny.oswiecenia.net>:
> > > In my logs I found this:
> > >
> > > Nov 27 20:34:45 serwerek postfix/cleanup[8069]: D90AF36B1:
> > > message-id=<20061127193445.D90AF36B1poczta.oswiecenia.net>
> > > Nov 27 20:34:45 serwerek postfix/qmgr[22561]: D90AF36B1: from=<>,
> > > size=5909, nrcpt=1 (queue active)
> > >
> > > I guess it is a locally generated message.
> >
> > Don't guess, grep:
> >
> > grep D90AF36B1 /var/log/mail*
> That's what I did. The above are the first two lines of output. Later there
> are 450 replies from destination server. I also tried my logs in the archive and
> nothing more is known about D90AF36B1. But something must have generated this
> message, if it wasn't an external host (since that would have been stated in the
> logs) then, by elimination, it must have been a local process. Am I right?
> And if so, which one?

It is almost certainly a bounce; the empty envelope sender is a give-away.
These are generated by Postfix and so don't have any origin logging in
Postfix releases prior to 2.3. With 2.3 and later you see:

    Dec 1 00:19:03 amnesiac postfix/bounce[26862]: 5426ACC81:
            sender non-delivery notification: 7446BCD68

This means that 7446BCD68 is a bounce notice for non-deliveries of
5426ACC81.

--
        Viktor.

Disclaimer: off-list followups get on-list replies or get ignored.
Please do not ignore the "Reply-To" header.

If my response solves your problem, the best way to thank me is to not
send an "it worked, thanks" follow-up. If you must respond, please put
"It worked, thanks" in the "Subject" so I can delete these quickly.
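
Added example, not part of the original thread: a Python sketch that applies the reply's reasoning to a log file, linking each bounce notice to the message it reports on via the Postfix 2.3+ `sender non-delivery notification` record, and flagging null-sender queue IDs that have no origin record at all. The sample log is constructed (hosts, PIDs and most queue IDs are made up), and `trace_origins` is a hypothetical helper name.

```python
import re

# Constructed sample in Postfix syslog format, one record per line.
# Only the bounce record layout and D90AF36B1's qmgr line follow the thread.
SAMPLE_LOG = """\
Dec  1 00:18:58 mx postfix/smtpd[26850]: 5426ACC81: client=gw.example.net[192.0.2.10]
Dec  1 00:18:58 mx postfix/qmgr[22561]: 5426ACC81: from=<a@example.net>, size=1204, nrcpt=1 (queue active)
Dec  1 00:19:03 mx postfix/bounce[26862]: 5426ACC81: sender non-delivery notification: 7446BCD68
Dec  1 00:19:03 mx postfix/qmgr[22561]: 7446BCD68: from=<>, size=3120, nrcpt=1 (queue active)
Dec  1 00:20:11 mx postfix/pickup[27001]: 9A1B2C3D4: uid=1001 from=<www>
Dec  1 00:20:11 mx postfix/qmgr[22561]: 9A1B2C3D4: from=<www@example.net>, size=800, nrcpt=1 (queue active)
Dec  1 00:21:40 mx postfix/qmgr[22561]: D90AF36B1: from=<>, size=5909, nrcpt=1 (queue active)
"""

RECORD = re.compile(r"postfix/(\w+)\[\d+\]: ([0-9A-Za-z]+): (.*)")
NOTICE = re.compile(r"sender non-delivery notification: ([0-9A-Za-z]+)")

def trace_origins(log_text):
    """Map each queue ID to the record that explains how it was queued."""
    origin, null_sender = {}, set()
    for line in log_text.splitlines():
        m = RECORD.search(line)
        if not m:
            continue
        daemon, qid, rest = m.groups()
        if daemon == "smtpd" and rest.startswith("client="):
            origin[qid] = "smtp " + rest.split()[0]
        elif daemon == "pickup" and rest.startswith("uid="):
            origin[qid] = "local submission " + rest.split()[0]
        elif daemon == "bounce":
            n = NOTICE.match(rest)
            if n:  # the record is logged under the ORIGINAL message's queue ID
                origin[n.group(1)] = "bounce of " + qid
        elif daemon == "qmgr" and rest.startswith("from=<>"):
            null_sender.add(qid)
    # Null sender with no smtpd/pickup/bounce record: the pre-2.3 situation.
    for qid in null_sender:
        origin.setdefault(qid, "null sender, no origin record (probable bounce)")
    return origin

if __name__ == "__main__":
    for qid, how in sorted(trace_origins(SAMPLE_LOG).items()):
        print(qid, "<-", how)
```
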