Where and How to Read Sendmail Logs

Sendmail program keeps up-to-date with the system administrator about mail delivery and forwarding aspects. To maintain the history of all its activities, log all activities using the syslog facility. It also gathered the statistics of all tasks about what it is doing. Recording information, for example, about site connectivity and total message volume, can help the system administrator generate sendmail more efficiently. Through these logs, administrators can also solve message delivery problems between the sender and recipient.

We will explore in this article where and how to read the Sendmail logs in a Linux system.

Sendmail logs location

The Sendmail logs default location varies based on your Linux distribution. The ‘/var/log’ is the location where users can find log files of different services. So, mostly the Sendmail logs located at ‘/var/log/mail.log’ in your Linux system. To access the Sendmail logs, use the following command that will display all logs on the terminal window:

$ sudo cat /var/log/mail.log

The list of logs displays on the terminal.

How to read Sendmail logs?

Most users cannot read or understand the Sendmail logs. Logs messages display in the following format. Each line in logs consists of a timestamp, the machine name that generated this message, the Sendmail word, and message details. Most of the messages in logs are a sequence of names=value pairs. When a message is in the delivery process, the delivery attempt and recipient line are the two most commonly logged lines that are used. The recipient line logs the recipient messages.

These recipient message fields are:

  • from  It specifies the sender address.
  • size  This filed displays size of a message in bytes.
  • class  Indicates the numeric precedence or class of the message.
  • Pri  Used for queue sorting. Therefore, it specifies the initial message priority.
  • nrcpts  Shows the recipient’s envelope for given messages.
  • proto  indicates the protocol that is used to receive the message.
  • relay  Displays the machine information from which it was received.

The delivery attempt fields are given below:

  • To contain a list of recipients with comma-separated to this mailer.
  • ctladdr  This field shows the name of the controlling user, user name whose email or account credentials are used for message delivery.
  • delay  This field shows the total delay between the time at which the message was delivered, and the time it was received.
  • xdelay  Shows the time needed for a message delivery attempt.
  • mailer  Displays the mailer name that is used to deliver to this message recipient.
  • relay  Specifies the hostname who accepted or rejected this recipient.
  • stat  Shows the message delivery status.


In this article, we have explained the brief description of Sendmail logging. We have described how a user can locate logs in the Linux system and understand the Sendmail logs format. That is all about Send mail logging. I hope I have explained all the details in an easy way that will help you.

About the author

Karim Buzdar

Karim Buzdar holds a degree in telecommunication engineering and holds several sysadmin certifications. As an IT engineer and technical author, he writes for various web sites. He blogs at LinuxWays.