I have a sendmail + dovecot setup on my server, there are some "strange" emails on email queue. Every email must be sent from a authenticated user and those strange emails don't belong to domains hosted on my server. Due the rules on sendmail they won't be sent out but yet they still appearing on the queue list.
My question is, how do i track down which emails each user is sending out?
Thanks.
The server log files (usually /var/log/maillog) will contain entries for each message, including the ip-address, date, time, and other details of the message.
You should be able to use the grep command to find message details. The messages in the queue should have a message id, and you should be able to search your log files for this id.
so to find your messages in your queue, you would run sendmail -bp to print the mail queue. This should return a Q-ID field, which you can grep by running 'grep $Q-ID /var/log/maillog' replacing $Q-ID with the actual value in the feild.
Hope this helps