Kiwi Syslog SMTP Protocol Error

I have configured Kiwi syslog to send error logs from servers however there is one device that is configured to receive syslog and write to file but there are not alerts set up to send email yet i am seeing this

PI Message to: yyy@xxx.com

PI Message from: xxx@xxx.com

PI Subject: Syslog message from 10.10.0.1
 PI Date: Wed, 02 Dec 2020 18:27:53 -0500
 PI Mail error: SMTP protocol error. 550 5.1.0 Sender is not allowed to send from xxx.com (R2).

10.10.0.1 is not configured to send any email alerts. How do i stop this queue , syslog is getting flooded and preventing other emails from being sent.

Parents
  • If that message is from a remote server(not the Kiwi server) then there is something that is trying to send email.  If that is the Kiwi server the email address being used doesn't have the permissions to send email through that SMTP server.

    You can set a rule in Kiwi to 'drop' those messages by matching on some unique text in the message and then using the 'stop processing' action.

    The best solution is always to fix it at the source but if that can't be done the filter could be a workaround.

Reply
  • If that message is from a remote server(not the Kiwi server) then there is something that is trying to send email.  If that is the Kiwi server the email address being used doesn't have the permissions to send email through that SMTP server.

    You can set a rule in Kiwi to 'drop' those messages by matching on some unique text in the message and then using the 'stop processing' action.

    The best solution is always to fix it at the source but if that can't be done the filter could be a workaround.

Children