Kiwi Syslog SMTP Protocol Error

I have configured Kiwi syslog to send error logs from servers however there is one device that is configured to receive syslog and write to file but there are not alerts set up to send email yet i am seeing this

PI Message to:

PI Message from:

PI Subject: Syslog message from
 PI Date: Wed, 02 Dec 2020 18:27:53 -0500
 PI Mail error: SMTP protocol error. 550 5.1.0 Sender is not allowed to send from (R2). is not configured to send any email alerts. How do i stop this queue , syslog is getting flooded and preventing other emails from being sent.

  • Kiwi can be setup in the following sections to send emails to specific addresses:

    • Under Email in setup you can configure and setup the email address to receive alarms and syslog statistics. Alarms are setup in the alarms section for things like min/max message counts, low diskspace etc.
    • Under Schedules any schedule that is setup has the option to email a notification to a specified address.
    • Any Rules that are setup have the option to include an "EMail" action where email addresses can be specified along with custom variables for the email.
    • Any Rule with a Run-Script action can include a script that is cable of sending an email 

    If you've checked all of those locations and no email addresses have been configured, I believe it's safe to say that Kiwi is not the culprit sending emails.

  • If that message is from a remote server(not the Kiwi server) then there is something that is trying to send email.  If that is the Kiwi server the email address being used doesn't have the permissions to send email through that SMTP server.

    You can set a rule in Kiwi to 'drop' those messages by matching on some unique text in the message and then using the 'stop processing' action.

    The best solution is always to fix it at the source but if that can't be done the filter could be a workaround.

  • It definitely is something else that is trying to send the email but why is kiwi logging it? The email in the kiwi syslog is configured to use a different email server and email address to send outbound email. 

  • Is the server creating the message Windows or Linux?

    If Linux check the syslog config in /etc. If Windows is it running a mail client or scripts that might send emails?