I have never looked at this in detail until I saw something funny in
my logs today. To try to condense the issue:
I have an account called dso_exec, which is mirrored to a list of 11
addresses. As it has always done, the level 2 logs show something
along these lines:
11:35:57 2 SMTP-750([63.220.231.176]) {S.0000124882} received, 1422 bytes
11:35:57 2 SYSTEM [S.0000124882]
<p05111b01b940df74448d@[63.220.231.176]> 0+1 From:[EMAIL PROTECTED]
11:35:57 2 SYSTEM [S.0000124882] distributed via dso_exec to 11 addresses
11:35:57 2 SYSTEM(POP) [S.0000124882] delivered to (dso_exec)
11:35:57 2 SYSTEM [S.0000124883]
<p05111b01b940df74448d@[63.220.231.176]> 10+1
From:[EMAIL PROTECTED]
My first question is why does the e-mail show as from
dso_exec-request? I note that my logs have always shown this, so I
suspect it is something that SIMS normally does (the additional
"-request" added on, that is).
The deliveries proceed. It is important to note that one of the
recipients is another account on the SIMS box, "jeglin". The acct
"jeglin" is a mirror to 2 addresses, [EMAIL PROTECTED], and my home
roadrunner address. This is how I have all my e-mails that come to me
at work echo to my house. When I'm at work checking mail, I check the
jeglinx acct. So in summary, the block diagram looks like this:
dso_exec ----+
|
+-+- mirrored to 10 outside addresses
|
+- mirrored to jeglin -+
|
+- mirrored to jeglinx
|
+- mirrored to roadrunner
Today for the first time I notice that there is a rejection in the
logs. Starting with the last line above, I include it all below to
keep from obfuscating anything. I intermix my observations with "->".
Please tell me if I am wrong. The punchline is at the end, a user
unknown rejection by SIMS:
11:35:57 2 SYSTEM [S.0000124883]
<p05111b01b940df74448d@[63.220.231.176]> 10+1
From:[EMAIL PROTECTED]
11:35:57 4 SYSTEM [S.0000124883] submitted
11:35:57 5 SYSTEM checking modified files
11:35:57 5 SYSTEM OSClose refNum=506
11:35:57 2 SYSTEM [S.0000124882] deleted
11:35:57 5 SYSTEM [S.0000124883] OSOpen refNum=18
11:35:57 4 SYSTEM(SMTP) [S.0000124883] opened, count=1
11:35:57 5 SYSTEM delivering to local accounts
11:35:57 5 SYSTEM {S.0000124884} in work, ref=430, nFresh=4
11:35:57 5 SYSTEM [S.0000124883] reading: 1320 bytes at 605
11:35:57 5 SYSTEM Writing 430: 1471 bytes at 0
11:35:57 2 SYSTEM [S.0000124883] distributed via jeglin to 2 addresses
-> jeglin (me) is one of the recipients on the dso_exec mirror (address 1)
11:35:57 2 SYSTEM(POP) [S.0000124883] delivered to (jeglin)
11:35:57 5 SYSTEM {S.0000124898} created, ref=34, nFresh=5
11:35:57 5 SYSTEM Scanning {S.0000124884}
11:35:57 5 SYSTEM Line Read: P I 27-06-2002 15:35:57 0000 mx.4pi.com
dso_exec-request
11:35:57 5 SYSTEM Line Read: O T
11:35:57 5 SYSTEM Line Read: R W 27-06-2002 15:35:57 0000 jeglinx
11:35:57 5 SYSTEM Line Read: R W 27-06-2002 15:35:57 0000 nc.rr.com SJEGLINSKI1
-> jeglin has now been mirrored to jeglinx and my RR account
11:35:57 5 SYSTEM Line Read:
11:35:57 5 SYSTEM Line Read: Received: from [63.220.231.176]
([63.220.231.176] verified) by mx.4pi.com (Stalker SMTP Server
1.8b9d12) with ESMTP id S.0000124882 for <[EMAIL PROTECTED]>;
Thu, 27 Jun 2002 11:35:57 -0400
11:35:57 5 SYSTEM Line Read: Mime-Version: 1.0
11:35:57 5 SYSTEM Line Read: X-Sender: [EMAIL PROTECTED]
11:35:57 5 SYSTEM Line Read: Message-Id:
<p05111b01b940df74448d@[63.220.231.176]>
11:35:57 5 SYSTEM Line Read: Date: Thu, 27 Jun 2002 11:35:53 -0400
11:35:57 5 SYSTEM Line Read: To: [EMAIL PROTECTED]
11:35:57 5 SYSTEM Line Read: From: Stefan Jeglinski <[EMAIL PROTECTED]>
11:35:57 5 SYSTEM Line Read: Subject: missing item from BoD meeting
11:35:57 5 SYSTEM Line Read: Content-Type: text/plain;
charset="us-ascii" ; format="flowed"
11:35:57 5 SYSTEM Line Read:
11:35:57 2 SYSTEM [S.0000124884]
<p05111b01b940df74448d@[63.220.231.176]> 1+1
From:[EMAIL PROTECTED]
11:35:57 4 SYSTEM [S.0000124884] submitted
11:35:57 5 SYSTEM checking modified files
11:35:57 5 SYSTEM [S.0000124883] updating, sAddr=410
11:35:57 5 SYSTEM [S.0000124883] writing: 29 bytes at 310
11:35:57 4 SYSTEM(SMTP) [S.0000124883] opened, count=2
11:35:57 5 SYSTEM delivering to local accounts
11:35:57 3 SYSTEM [S.0000124884] cannot deliver to jeglinx: busy. Delaying
11:35:57 5 SYSTEM checking modified files
11:35:57 4 SYSTEM(SMTP) [S.0000124883] opened, count=3
11:35:57 4 SYSTEM(SMTP) [S.0000124883] opened, count=4
11:35:57 4 SYSTEM(SMTP) [S.0000124883] opened, count=5
11:35:57 4 SYSTEM(SMTP) [S.0000124883] opened, count=6
11:35:57 4 SYSTEM(SMTP) [S.0000124883] opened, count=7
11:35:58 3 SMTP-754(aol.com) Abort Received, reason=54
11:35:58 3 SMTP-754(aol.com) Reading Failed. Error Code=-25010. Read:
11:35:58 3 SMTP-754(aol.com) No prompt at [205.188.156.154:25]
11:35:58 2 SMTP-754(aol.com) [S.0000124883] sent, 1320 bytes
-> SMTP-754 sent to aol (address 2)
11:35:58 4 SYSTEM(SMTP) [S.0000124883] closed, count=6
11:35:58 2 SYSTEM(SMTP) [S.0000124883] sent to (aol.com)reva58
11:35:58 5 SYSTEM checking modified files
11:35:58 5 SYSTEM [S.0000124883] updating, sAddr=370
11:35:58 5 SYSTEM [S.0000124883] writing: 29 bytes at 266
11:35:58 5 SYSTEM checking modified files
11:35:59 2 SMTP-756(ndia.org) [S.0000124883] sent, 1320 bytes
11:35:59 4 SYSTEM(SMTP) [S.0000124883] closed, count=5
11:35:59 2 SYSTEM(SMTP) [S.0000124883] sent to (ndia.org)njackson
-> SMTP-756 sent to ndia.org (address 3)
11:35:59 5 SYSTEM checking modified files
11:35:59 5 SYSTEM [S.0000124883] updating, sAddr=582
11:35:59 5 SYSTEM [S.0000124883] writing: 29 bytes at 507
11:35:59 5 SYSTEM checking modified files
11:35:59 2 SMTP-753(cupitt.com) [S.0000124883] sent, 1320 bytes
11:35:59 4 SYSTEM(SMTP) [S.0000124883] closed, count=4
11:35:59 2 SYSTEM(SMTP) [S.0000124883] sent to (cupitt.com)melanie
-> SMTP-753 sent to cupitt.com (address 4)
11:35:59 5 SYSTEM checking modified files
11:35:59 5 SYSTEM [S.0000124883] updating, sAddr=326
11:35:59 5 SYSTEM [S.0000124883] writing: 29 bytes at 218
11:35:59 5 SYSTEM checking modified files
11:35:59 2 SMTP-755(measinc.com) [S.0000124883] sent, 1320 bytes
11:35:59 4 SYSTEM(SMTP) [S.0000124883] closed, count=3
11:35:59 2 SYSTEM(SMTP) [S.0000124883] sent to (measinc.com)hkober
-> SMTP-755 sent to measinc.com (address 5)
11:35:59 5 SYSTEM checking modified files
11:35:59 5 SYSTEM [S.0000124883] updating, sAddr=490
11:35:59 5 SYSTEM [S.0000124883] writing: 29 bytes at 407
11:35:59 5 SYSTEM checking modified files
11:35:59 2 SMTP-751(mindspring.com) [S.0000124883] sent, 1320 bytes
11:35:59 4 SYSTEM(SMTP) [S.0000124883] closed, count=2
11:35:59 2 SYSTEM(SMTP) [S.0000124883] sent to (mindspring.com)hafskip
11:35:59 2 SYSTEM(SMTP) [S.0000124883] sent to (mindspring.com)lm402882
11:35:59 2 SYSTEM(SMTP) [S.0000124883] sent to (mindspring.com)hrdlicka
11:35:59 2 SYSTEM(SMTP) [S.0000124883] sent to (mindspring.com)dagnhrt
-> SMTP-751 sent to 4 mindspring addresses (addresses 6-9)
11:35:59 5 SYSTEM checking modified files
11:35:59 5 SYSTEM [S.0000124883] updating, sAddr=182
11:35:59 5 SYSTEM [S.0000124883] writing: 29 bytes at 61
11:35:59 5 SYSTEM checking modified files
11:35:59 5 SYSTEM [S.0000124883] updating, sAddr=278
11:35:59 5 SYSTEM [S.0000124883] writing: 29 bytes at 165
11:35:59 5 SYSTEM checking modified files
11:35:59 5 SYSTEM [S.0000124883] updating, sAddr=442
11:35:59 5 SYSTEM [S.0000124883] writing: 29 bytes at 354
11:35:59 5 SYSTEM checking modified files
11:35:59 5 SYSTEM [S.0000124883] updating, sAddr=534
11:35:59 5 SYSTEM [S.0000124883] writing: 29 bytes at 455
11:35:59 5 SYSTEM checking modified files
11:35:59 2 SMTP-752(earthlink.net) [S.0000124883] sent, 1320 bytes
11:35:59 4 SYSTEM(SMTP) [S.0000124883] closed, count=1
11:35:59 2 SYSTEM(SMTP) [S.0000124883] sent to (earthlink.net)worleytj
-> SMTP-752 sent to earthlink.net (address 10)
11:35:59 5 SYSTEM checking modified files
11:35:59 5 SYSTEM [S.0000124883] updating, sAddr=230
11:35:59 5 SYSTEM [S.0000124883] writing: 29 bytes at 113
11:35:59 5 SYSTEM checking modified files
11:36:00 2 SMTP-757(yahoo.com) [S.0000124883] sent, 1320 bytes
11:36:00 4 SYSTEM(SMTP) [S.0000124883] closed, count=0
11:36:00 2 SYSTEM(SMTP) [S.0000124883] sent to (yahoo.com)dso_office
-> SMTP-757 sent to yahoo.com (address 11)
11:36:00 5 SYSTEM checking modified files
11:36:00 5 SYSTEM OSClose refNum=18
11:36:00 2 SYSTEM [S.0000124883] deleted
-> all is now well, except for the punchline, which is next:
11:36:00 5 SYSTEM checking modified files
11:36:02 5 SYSTEM {S.0000124885} in work, ref=234, nFresh=4
11:36:02 5 SYSTEM {S.0000124899} created, ref=178, nFresh=5
-> message coming in?
11:36:02 1 SMTP-758(qmail.webpipe.net) SPAM? Recipient
'<[EMAIL PROTECTED]>' rejected: user unknown
11:36:03 3 SMTP-758(qmail.webpipe.net) Abort Received, reason=54
11:36:03 3 SMTP-758(qmail.webpipe.net) Reading Failed. Error Code=-25010. Read:
-> WTF? this is a rejection by SIMS from an attempt to send to it
by qmail.webpipe.net, correct?
Where did qmail.webpipe.net come in, and why is it sending to
[EMAIL PROTECTED]?
AFAICT, all the messages were delivered, and I got my copy also. I
searched all my logs previous to this, and this is the first time
I've seen this, so it may be transient, but for now it is persistent
(repeat tests show the same thing).
I know this is a tedious technical analysis, but I'd sure appreciate the help!
Stefan Jeglinski
#############################################################
This message is sent to you because you are subscribed to
the mailing list <[EMAIL PROTECTED]>.
To unsubscribe, E-mail to: <[EMAIL PROTECTED]>
To switch to the DIGEST mode, E-mail to <[EMAIL PROTECTED]>
To switch to the INDEX mode, E-mail to <[EMAIL PROTECTED]>
Send administrative queries to <[EMAIL PROTECTED]>
