Tag: Exim

Email is a crucial component of our online lives. Almost everything we do online requires an email address, including creating login credentials, signing up for newsletters, and leaving website comments. There's a good chance you've already encountered spam if you have an email address.

In this day and age, it is not possible to imagine any business environment without email messages. One aspect of setting up an email server for your company that is often overlooked is the selection of your mail transfer agent (MTA). MTA is also an abbreviation for mail transport agent or message transfer agent. No matter what you call it, an MTA plays an important role in everyday mail communication. An MTA is software that is responsible for transferring your electronic mail messages to the correct mail server, which an MTA finds by querying the MX records of the recipient.

Introduction

The most effective method to protect a server from sending spam is to prevent it in the first place. In this article, we provide several techniques to use to keep the server from sending out unwanted spam or junk mail. Typically, unwanted, and unsolicited spam email is usually bulk sent out to an indiscriminate list of recipients. Spam is often used for commercial purposes but can be sent out in massive volume by a botnet or a network of infected computers.

Overview

On March 2, Exim announced via its mailing list that it had discovered a vulnerability in all versions of its mail transport agent. Exim is the default MTA on cPanel servers. The latest version patches the vulnerability, and the latest cPanel update resolves the issue.

There’s a new POODLE in town, but unfortunately it’s not the kind of pooch you want around. POODLE stands for Padding Oracle On Downgraded Legacy Encryption. It’s an exploit that, although not considered to be as serious as Heartbleed, is one that should still be protected against. For more information read the Google Blog.

Servers do a fantastic job of writing down in log files what is happening right that moment. While going back and reading logs later to determine what happened in the past is helpful, it is also useful to watch logs in real time. Linux provides a command line tool that lets us do just that: tail.

One of the best tools you can use when tracking down e-mail problems is mail logs. On Liquid Web’s cPanel servers, we have turned on all of exim’s logging capabilities. Full logging means that there is a lot going on, and trying to decipher the logs can be cryptic at first. Let’s take a look at how they are composed.

Note: this article assumes that you have found the mail transaction you are looking for using exigrep.

Due to the nature of the Internet, services for one domain do not need to be on one server. The website and email for a domain do not need to be on the same physical server. DNS is used to direct the traffic to the correct place, but DNS alone will not get all the bits to where they are supposed to be. Exim, cPanel’s SMTP service needs a little help beyond DNS to know how to handle mail that is generated locally. This is where /etc/localdomains and /etc/remotedomains come into play.

Now that you have seen the basics of exigrep, let us dive into some e-mail troubleshooting where exigrep really shines.

Perhaps a particular domain on your cPanel server has stopped receiving e-mail. Or, an address on your domain is able to receive e-mail, except from your supplier. Maybe you can receive e-mail just fine, but are receiving error message bounce-backs from Yahoo. How are you going to get the fine-grained information you need to figure out just what is going on?