|
Chapter 26 Logging and Statistics |
|
|
|
Chapter 26 Logging and Statistics |
|
Beginning with V8.2
sendmail
, the
-X
command-line switch can be used to record all input and output, SMTP traffic, and other significant transactions. The form of the
-X
(transaction) command-line switch looks like this:
-Xfile
Space between the
-X
and the
file
is optional. The
file
may be specified as either as a full or a relative pathname. For security the
-X
command-line switch always causes
sendmail
to give up its
root
privilege unless it was run by
root
. If the transaction
file
cannot be opened for writing, the following error is printed and no logging is done:
cannot openfile
Otherwise, the file is opened in append mode, and each line that is written to it looks like this:
pid what detail
The
pid
is the process identification number of the
sendmail
that added the line. The
what
is one of these three symbols:
<<<
This is input. It is either text that is read on the standard input or parts of an SMTP dialog that were read on a socket connection.
>>>
This is output. It is either something that sendmail printed to its standard output, or something that it sent over an SMTP connection.
===
This is an event. The only two events that are currently logged are CONNECT for connection to a host and EXEC for execution of a delivery agent.
To illustrate, consider sending a mail message to yourself and to a friend at another site:
%/usr/lib/sendmail -X /tmp/xfile -oQ/tmp yourself,[email protected]To: yourself,[email protected] Subject: test This is a test. .
These few lines of input produce a long /tmp/xfile . The first few lines of that file are illustrative:
29559 <<< To: yourself,[email protected] 29559 <<< Subject: test 29559 <<< 29559 <<< This is a test. 29559 <<< . 29561 === CONNECT remote.host 29561 <<< 220 remote.host ESMTP Sendmail 8.7.5; Sun, 12 May 1996 08:06:47 -0600 (MDT) 29561 >>> EHLO your.host 29561 <<< 250-remote.host Hello [email protected] [206.54.76.122], pleased to meet you 29561 <<< 250-8BITMIME 29561 <<< 250-SIZE 29561 <<< 250-DSN 29561 <<< 250-VERB 29561 <<< 250-ONEX 29561 <<< 250 HELP 29561 >>> MAIL From:<[email protected]> SIZE=65 29561 <<< 250 <[email protected]>... Sender ok 29561 >>> RCPT To:<[email protected]> 29561 <<< 250 Recipient ok 29561 >>> DATA 29561 <<< 354 Enter mail, end with "." on a line by itself 29561 >>> The first line of data here, 29561 >>> the second line of data here, 29561 >>> and so on.
Notice that the process ID changes. After sendmail collects the message, it fork (2)s and exec (2)s to handle the actual delivery.
Because these transaction files include message bodies, they should be guarded. Never use the
-X
switch with the daemon unless you are prepared for a huge file and the possibility of disclosing message contents to nonprivileged users.
|
|
|
|
| 26.3 Signaling the Daemon |
|
26.5 Pitfalls |