start page | rating of books | rating of authors | reviews | copyrights

sendmail

sendmailSearch this book
Previous: 26.3 Signaling the Daemon Chapter 26
Logging and Statistics
Next: 26.5 Pitfalls
 

26.4 Log Transactions with -X

Beginning with V8.2 sendmail , the -X command-line switch can be used to record all input and output, SMTP traffic, and other significant transactions. The form of the -X (transaction) command-line switch looks like this:

-X 

file

Space between the -X and the file is optional. The file may be specified as either as a full or a relative pathname. For security the -X command-line switch always causes sendmail to give up its root privilege unless it was run by root . If the transaction file cannot be opened for writing, the following error is printed and no logging is done:

cannot open 

file

Otherwise, the file is opened in append mode, and each line that is written to it looks like this:



pid what detail

The pid is the process identification number of the sendmail that added the line. The what is one of these three symbols:

<<<

This is input. It is either text that is read on the standard input or parts of an SMTP dialog that were read on a socket connection.

>>>

This is output. It is either something that sendmail printed to its standard output, or something that it sent over an SMTP connection.

===

This is an event. The only two events that are currently logged are CONNECT for connection to a host and EXEC for execution of a delivery agent.

To illustrate, consider sending a mail message to yourself and to a friend at another site:

% 

/usr/lib/sendmail -X /tmp/xfile -oQ/tmp yourself,[email protected]

 To: yourself,[email protected] Subject: test  This is a test. .

These few lines of input produce a long /tmp/xfile . The first few lines of that file are illustrative:

29559 <<< To: yourself,[email protected] 29559 <<< Subject: test 29559 <<<  29559 <<< This is a test. 29559 <<< . 29561 === CONNECT remote.host 29561 <<< 220 remote.host ESMTP Sendmail 8.7.5; Sun, 12 May 1996 08:06:47 -0600 (MDT) 29561 >>> EHLO your.host 29561 <<< 250-remote.host Hello [email protected] [206.54.76.122], pleased to meet you 29561 <<< 250-8BITMIME 29561 <<< 250-SIZE 29561 <<< 250-DSN 29561 <<< 250-VERB 29561 <<< 250-ONEX 29561 <<< 250 HELP 29561 >>> MAIL From:<[email protected]> SIZE=65 29561 <<< 250 <[email protected]>... Sender ok 29561 >>> RCPT To:<[email protected]> 29561 <<< 250 Recipient ok 29561 >>> DATA 29561 <<< 354 Enter mail, end with "." on a line by itself 29561 >>> 
The first line of data here,
 29561 >>> 
the second line of data here,
 29561 >>> 
and so on.

Notice that the process ID changes. After sendmail collects the message, it fork (2)s and exec (2)s to handle the actual delivery.

Because these transaction files include message bodies, they should be guarded. Never use the -X switch with the daemon unless you are prepared for a huge file and the possibility of disclosing message contents to nonprivileged users.


Previous: 26.3 Signaling the Daemon sendmail Next: 26.5 Pitfalls
26.3 Signaling the Daemon Book Index 26.5 Pitfalls