[Mimedefang] sendmail logging of milter results.

Jon R. Kibler Jon.Kibler at aset.com
Sat Sep 20 12:42:01 EDT 2003


I originally posted this question to comp.mail.sendmail, but did not receive any responses. Does anyone here have any idea the solution to this problem? Thanks! Jon Kibler


Greetings:

Environment:
	sendmail 8.12.10
	Solaris 9 (sparc)
	mimedefang 2.36

I have a question about logging of milter results.

We maintain two mail logs. The 'standard' mail log is configured at facility.level=mail.debug. The 'error' mail log is configured at facility.level=mail.notice. We continuously display the error log (tail -f error-log) on the screen so we can get a visual picture of what exceptions are occurring in our mail system.

Normally, when sendmail rejects a message -- for example, because it is blocked via an access.db rule -- the reject is logged to the error log. However, whenever a milter rejects a message, it is NOT logged to the error log.

Here are a couple of examples to show what is (is not) occurring. 

First, the following DNSBL reject (as shown in the standard log)...
> Sep 19 14:13:40 ZZZ sendmail[17690]: h8JIDdl9017690: ruleset=check_rcpt, arg1=<AAA at BBBT>, relay=YYY.net [X.X.X.X], reject=550 5.7.1 <AAA at BBBT>... Email not accepted from verified open relays. Blocked by NJABL.ORG - see <http://njabl.org/cgi-bin/lookup.cgi?query=X.X.X.X>
> Sep 19 14:13:40 ZZZ sendmail[17690]: h8JIDdl9017690: from=<ntf-2211_46-7166867-AAA_=_BBBT at DDD.com>, size=0, class=0, nrcpts=0, proto=SMTP, daemon=MTA, relay=YYY.net [X.X.X.X]

creates the following error log entry:
> Sep 19 14:13:40 ZZZ sendmail[17690]: h8JIDdl9017690: ruleset=check_rcpt, arg1=<AAA at BBBT>, relay=lax1nta1.crm.tmcs.net [209.104.63.181], reject=550 5.7.1 <AAA at BBBT>... Email not accepted from verified open relays. Blocked by NJABL.ORG - see <http://njabl.org/cgi-bin/lookup.cgi?query=209.104.63.181>


Now, the following Milter reject (as shown in the standard log)...
> Sep 18 23:24:28 ZZZ sendmail[17143]: h8J3OPl9017143: from=<AAAAA at bellsouth.net>, size=157689, class=0, nrcpts=1, msgid=<DDDDDD.mail.bellsouth.net at eqqx>, proto=ESMTP, daemon=MTA, relay=imf16aec.mail.bellsouth.net [205.152.59.64]
> Sep 18 23:24:35 ZZZ sendmail[17143]: h8J3OPl9017143: Milter: data, reject=554 5.7.1 Message rejected. Reason: Virus W32/Swen at MM found in message.
> Sep 18 23:24:35 ZZZ sendmail[17143]: h8J3OPl9017143: to=<X at Y>, delay=00:00:09, pri=30592, stat=Message rejected. Reason: Virus W32/Swen at MM found in message.

I would think should create the following error log entry, but it does not:
> Sep 18 23:24:35 ZZZ sendmail[17143]: h8J3OPl9017143: Milter: data, reject=554 5.7.1 Message discarded. Reason: Virus W32/Swen at MM found in message.


Is there something that I am misunderstanding about how milter logging occurs? Is there something that I need to do to get sendmail to log these rejects as mail.notice level log entries -- like rejects created internal to sendmail?

Finally, I will add that sendmail does log some milter entries at mail.notice or higher levels, such as:
> Sep 16 10:26:29 trustem01.trustem.net sendmail[639]: h8GCObl9000639: Milter (mimedefang): write(A) returned -1, expected 5: Broken pipe

Thanks for all help!

Jon R. Kibler
A.S.E.T., Inc.
Charleston, SC  USA




==================================================
Filtered by: TRUSTEM.COM's Email Filtering Service
http://www.trustem.com/
No Spam. No Viruses. Just Good Clean Email.



More information about the MIMEDefang mailing list