Showing results for 
Search instead for 
Did you mean: 
Cisco Secure Email Support Community

Product Support Talos Support Cisco Support Reference + Current Release
Gateway Reputation Lookup Open a support case Secure Email Guided Setup
Gateway: 14.0.1-033
Cloud Gateway Email Status Portal Support & Downloads
Email and Web Manager: 14.0.0-418
Email and Web Manager Web & Email Reputation Worldwide Contacts Product Naming Quick Reference
Reporting Plug-in:
Encryption Bug Search
Encryption Plug-in:
Cloud Mailbox Notification Service
Outlook Add-in(s): More info

Martin Kyrc

how to see status of emails stopped in queue


I'd like ask you how is possible define reason of non-deliveriyng mail mesage. Below is my analyses:

1. list of all messages in queue (similar aoutput as mailq from *nix like systems)

(Machine esa1.DOMAIN.XYZ)> showrecipients all

Showing messages, please wait.

MID/     Bytes/    Sender/                 Subject

[RID]    [Atmps]   Recipient


800      115    

[0]      [0]       RCPT@DOMAIN.XYZ


2. view of MID 800

(Machine esa1.DOMAIN.XYZ)> showmessage 800

MID 800: 20 hours 26 mins 38 secs old

From Wed Jun 22 15:02:02 2011

Received: from mx2.DOMAIN.XYZ ([81.88.XY.Z])

  by ext-esa1.DOMAIN.XYZ with SMTP; 22 Jun 2011 15:01:52 +0200

test 2

3. grep of the message in mail log

(Machine esa1.DOMAIN.XYZ)> grep "MID 800" mail_logs

Wed Jun 22 15:01:52 2011 Info: Start MID 800 ICID 552832

Wed Jun 22 15:01:52 2011 Info: MID 800 ICID 552832 From: <>

Wed Jun 22 15:02:10 2011 Info: MID 800 ICID 552832 RID 0 To: <RCPT@DOMAIN.XYZ>

Wed Jun 22 15:02:15 2011 Info: MID 800 ready 115 bytes from <>

Wed Jun 22 15:02:15 2011 Info: MID 800 matched all recipients for per-recipient policy DEFAULT in the inbound table

Wed Jun 22 15:02:15 2011 Info: MID 800 interim AV verdict using McAfee CLEAN

Wed Jun 22 15:02:15 2011 Info: MID 800 antivirus negative

Wed Jun 22 15:02:15 2011 Info: MID 800 queued for delivery

(Machine esa1.DOMAIN.XYZ)> grep "ICID 552832" mail_logs

Wed Jun 22 15:01:48 2011 Info: New SMTP ICID 552832 interface outside ( address 81.88.XY.Z reverse dns host mx2.DOMAIN.XYZ verified yes

Wed Jun 22 15:01:48 2011 Info: ICID 552832 ACCEPT SG WHITELIST match 81.88.XY.Z SBRS None

Wed Jun 22 15:01:52 2011 Info: Start MID 800 ICID 552832

Wed Jun 22 15:01:52 2011 Info: MID 800 ICID 552832 From: <>

Wed Jun 22 15:02:10 2011 Info: MID 800 ICID 552832 RID 0 To: <RCPT@DOMAIN.XYZ>

Wed Jun 22 15:02:17 2011 Info: ICID 552832 close

But there is no delivery status, because destination host for domain DOMAIN.XYZ is not reachable (I checked it using telnet IP-of-MX-for-DOMAN.XYZ). My question is, how is it possible to see, that destination host is not reachable (reason of message in queue)? I need this information for customer, how he can see using easy way list of 'problematic' messages in queue. 'showrecipients all' output don't show reason. I'm searching for alternative of 'mailq' (I found only 'showrecipients all', but this answer was from year 2007/8, maybe is something new now). Is there ani GUI possibility how to show messages in queue with his status?

Second question is, I can see only 6 messages in 'showrecipients all' output. What does it mean this output (cutted unnecesary output)?:

(Machine esa1.DOMAIN.XYZ)> status detail



    Active Recipients                       6

      Unattempted Recipients                1

      Attempted Recipients                  5

    Destinations In Memory                 68




You can have a detailed status in the GUI. Search for Outgoing Domain  Delivery Status for the specific domain.


In addition to Peter van den Berg's suggestion, I recommend using grep from the CLI to get some more details.  Especially if the Delivery Status shows as 'Unknown' or Down'.  To do this:

Log into the command line over SSH (preferred), serial, or telnet

Enter the 'grep' command

Enter the number of the mail_logs as show in the displayed list

For the 'Regular Expression' enter the domain name: e.g. DOMAIN.XYZ

For the three questions that follow, simply press Enter to take the defaults.

This will usually produce a lot of output text.  Search from the bottom up for lines referring to 'DCID'; these are the related delivery connections.  When delivery is failing, these DCID lines will typically show a network error or a rejection from the destination server's side.  In most cases this will tell you exactly 'why' the messages for this domain are not delivering.

If it is a network level error: check routing, firewalls, and other network devices as appropriate.  If this is happening to multiple domains, I suggest checking your own side first.  If this happens to only one domain, you may want to contact their admin first.  In some cases you will have to check all devices involved, sometimes even the ISPs in between.

If it is a rejection, it will usually contain a URL that provides additional details.  Look at this web page and follow the recommendations as best as possible.  Most of these recommendations are considered 'best practice' in the email community anyhow.  If you are unable or their feedback does not make sense, follow any directions on their website to engage the rejecting server's admins for further discussion.

Recognize Your Peers
Content for Community-Ad