[CentOS] Tracking down application sending mail in CentOS 7

Fri Jun 25 07:00:08 UTC 2021
Simon Matter <simon.matter at invoca.ch>

> Here is an example line:
> Jun 25 03:25:40 centos7 postfix/smtp[59252]: 6AB952C03793A:
> to=<root at aaa.bbb.ccc>, relay=smtp.1and1.com[]:587, delay=1.4,
> delays=0/0.02/1.2/0.23, dsn=5.0.0, status=bounced (host
> smtp.1and1.com[] said: 550-Requested action not taken: mailbox
> unavailable 550 invalid DNS MX or A/AAAA resource record (in reply to RCPT
> TO command))
> aaa.bbb.ccc above is a filler for the incorrect address, in fact a
> malformed address on the server itself that I need to track down, and, as
> I understand it, the reason smtp.1and1.com kicks it away.

You can check the pickup log line to see which user sends the mail. There
are multiple programs sending mail so you may have to look into the mails
content to learn where the mail comes from.