[Mimedefang] sendmail logging of milter results.
Jon R. Kibler
Jon.Kibler at aset.com
Sat Sep 20 12:42:01 EDT 2003
I originally posted this question to comp.mail.sendmail, but did not receive any responses. Does anyone here have any idea the solution to this problem? Thanks! Jon Kibler
Greetings:
Environment:
sendmail 8.12.10
Solaris 9 (sparc)
mimedefang 2.36
I have a question about logging of milter results.
We maintain two mail logs. The 'standard' mail log is configured at facility.level=mail.debug. The 'error' mail log is configured at facility.level=mail.notice. We continuously display the error log (tail -f error-log) on the screen so we can get a visual picture of what exceptions are occurring in our mail system.
Normally, when sendmail rejects a message -- for example, because it is blocked via an access.db rule -- the reject is logged to the error log. However, whenever a milter rejects a message, it is NOT logged to the error log.
Here are a couple of examples to show what is (is not) occurring.
First, the following DNSBL reject (as shown in the standard log)...
> Sep 19 14:13:40 ZZZ sendmail[17690]: h8JIDdl9017690: ruleset=check_rcpt, arg1=<AAA at BBBT>, relay=YYY.net [X.X.X.X], reject=550 5.7.1 <AAA at BBBT>... Email not accepted from verified open relays. Blocked by NJABL.ORG - see <http://njabl.org/cgi-bin/lookup.cgi?query=X.X.X.X>
> Sep 19 14:13:40 ZZZ sendmail[17690]: h8JIDdl9017690: from=<ntf-2211_46-7166867-AAA_=_BBBT at DDD.com>, size=0, class=0, nrcpts=0, proto=SMTP, daemon=MTA, relay=YYY.net [X.X.X.X]
creates the following error log entry:
> Sep 19 14:13:40 ZZZ sendmail[17690]: h8JIDdl9017690: ruleset=check_rcpt, arg1=<AAA at BBBT>, relay=lax1nta1.crm.tmcs.net [209.104.63.181], reject=550 5.7.1 <AAA at BBBT>... Email not accepted from verified open relays. Blocked by NJABL.ORG - see <http://njabl.org/cgi-bin/lookup.cgi?query=209.104.63.181>
Now, the following Milter reject (as shown in the standard log)...
> Sep 18 23:24:28 ZZZ sendmail[17143]: h8J3OPl9017143: from=<AAAAA at bellsouth.net>, size=157689, class=0, nrcpts=1, msgid=<DDDDDD.mail.bellsouth.net at eqqx>, proto=ESMTP, daemon=MTA, relay=imf16aec.mail.bellsouth.net [205.152.59.64]
> Sep 18 23:24:35 ZZZ sendmail[17143]: h8J3OPl9017143: Milter: data, reject=554 5.7.1 Message rejected. Reason: Virus W32/Swen at MM found in message.
> Sep 18 23:24:35 ZZZ sendmail[17143]: h8J3OPl9017143: to=<X at Y>, delay=00:00:09, pri=30592, stat=Message rejected. Reason: Virus W32/Swen at MM found in message.
I would think should create the following error log entry, but it does not:
> Sep 18 23:24:35 ZZZ sendmail[17143]: h8J3OPl9017143: Milter: data, reject=554 5.7.1 Message discarded. Reason: Virus W32/Swen at MM found in message.
Is there something that I am misunderstanding about how milter logging occurs? Is there something that I need to do to get sendmail to log these rejects as mail.notice level log entries -- like rejects created internal to sendmail?
Finally, I will add that sendmail does log some milter entries at mail.notice or higher levels, such as:
> Sep 16 10:26:29 trustem01.trustem.net sendmail[639]: h8GCObl9000639: Milter (mimedefang): write(A) returned -1, expected 5: Broken pipe
Thanks for all help!
Jon R. Kibler
A.S.E.T., Inc.
Charleston, SC USA
==================================================
Filtered by: TRUSTEM.COM's Email Filtering Service
http://www.trustem.com/
No Spam. No Viruses. Just Good Clean Email.
More information about the MIMEDefang
mailing list