Exim_Maillog meaning

[NiklasRieckenFR]

Hello Guys,

I already had a look at the article "How to understand Exim_Maillog", but unfortiunately it doesnt help me. A customer asked me, if an Email he sent, reached the remote Emailserver. I had a look at the Maillog and found this:

2015-11-12 14:59:57 1ZwsPi-0001sS-Tk <= CUSTOMERADDRESS H=CUSTOMERSINTERNET P=esmtpa A=dovecot_login:LOGINMAILADDRESS S=213610 id=00c501d11d52$4a3a3ef0$deaebcd0$@de T="Bestellung Nr.: SUBJECT for REMOTE EMAILADRESSES
2015-11-12 14:59:57 1ZwsPi-0001sS-Tk SMTP connection outbound 1447336797 1ZwsPi-0001sS-Tk LOCAL DOMAIN REMOTE ADDRESS
2015-11-12 14:59:57 1ZwsPi-0001sS-Tk SMTP connection outbound 1447336797 1ZwsPi-0001sS-Tk LOCAL DOMAIN REMOTE ADDRESS2
2015-11-12 14:59:58 1ZwsPi-0001sS-Tk [195.243.107.34] SSL verify error: depth=0 error=unable to get local issuer certificate cert=/C=de/L=Luckenau/O=Raab Gruppe/CN=GWLUCL
2015-11-12 14:59:58 1ZwsPi-0001sS-Tk [195.243.107.34] SSL verify error: depth=0 error=certificate not trusted cert=/C=de/L=Luckenau/O=Raab Gruppe/CN=GWLUCL
2015-11-12 14:59:58 1ZwsPi-0001sS-Tk [195.243.107.34] SSL verify error: depth=0 error=unable to verify the first certificate cert=/C=de/L=Luckenau/O=Raab Gruppe/CN=GWLUCL
2015-11-12 15:00:00 1ZwsPi-0001sS-Tk => REMOTE ADDRESS R=dkim_lookuphost T=dkim_remote_smtp H=mail-lu.example.de [195.243.107.34] X=TLSv1.2:DHE-RSA-AES256-GCM-SHA384:256 CV=no C="250 OK id=1ZwsPu-0002fd-1k"
2015-11-12 15:00:00 1ZwsPi-0001sS-Tk -> REMOTEADDRESS2 R=dkim_lookuphost T=dkim_remote_smtp H=mail-lu.example.de [195.243.107.34] X=TLSv1.2:DHE-RSA-AES256-GCM-SHA384:256 CV=no C="250 OK id=1ZwsPu-0002fd-1k"
2015-11-12 15:00:00 1ZwsPi-0001sS-Tk Completed

Does this now mean, that the Email was sent correctly? Im not sure, because it says completed in the end, but shows some certificate errors in between. Could someone please help me a little?

Cheers

 

[cPanelMichael]

Hello

Yes, that output indicates the mail successfully delivered to the remote mail server:

2015-11-12 15:00:00 1ZwsPi-0001sS-Tk Completed

As for the SSL errors, they indicate a self-signed certificate was provided by the remote SMTP server. You will notice this with Exim 4.86 based on the following changes:

JH/04 Certificate name checking on server certificates, when exim is a client,
  is now done by default.  The transport option tls_verify_cert_hostnames
  can be used to disable this per-host.  The build option
  EXPERIMENTAL_CERTNAMES is withdrawn.

JH/06 Verification of the server certificate for a TLS connection is now tried
  (but not required) by default.  The verification status is now logged by
  default, for both outbound TLS and client-certificate supplying inbound
  TLS connections

Note that while you see the warning messages in /var/log/exim_mainlog, it should not result in any issues with mail delivery by default.

Thank you.