Sendmail log messages

Jerry Feldman gaf-mNDKBlG2WHs at public.gmane.org
Thu Feb 5 08:56:50 EST 2009


I frequently have to look at our sendmail log messages to try to=20
troubleshoot problems (mostly not ours).  Usually, the complaint is "I'm =

not getting my mail from a listserv". We used to use postscript where=20
the log messages were a bit easier to track. I usually use vi, and drill =

down to the approximate date and time, then to the recipient. If the=20
recipient is subscribed to a single list it is simple, but what if a=20
recipient is subscribed to multiple lists and is complaining about only=20
1 list. In the specific case I looked at the other day, it appeared that =

an ISP was blocking email from one of our lists, but not the others.=20
What postscript had was both a sender and recipient in the same log=20
message but not in sendmail. Certainly, you can use the message id to=20
track back. This is a message I chose at random and happens to be a=20
valid member of one of our listservs. Basically, the sendmail logs are=20
reasonably complete.

Feb  1 04:09:50 <my host> sendmail[7299]: n0S0bDlQ024077:=20
to=3D<some.person at someISP>, delay=3D4+08:31:32, xdelay=3D00:00:00,=20
mailer=3Desmtp, pri=3D9536056, relay=3DsomeISP., dsn=3D4.0.0, stat=3DDefe=
rred:=20
Connection timed out with someISP.

What I'm looking for is a tool that would make it easier to analyze the=20
sendmail logs.  I actually wrote a tool a few years ago to remove=20
elements from the mailq based on a search criteria.  What I might want=20
to do is to set up a query where I want to see emails send to=20
foo-+RB1Aph5k6s at public.gmane.org between Date:time and present, sent by alist-YHpwi2ejnU4 at public.gmane.org Most=20
of the time, when I look at the logs, I see that the email has been sent =

(eg stat=3Dsent) and I can tell the recipient that it went to his ISP.=20
With postscript I could generally do this using a few greps:
sudo grep  'to=3D<some.person at someISP' /var/log/maillog | grep "^Feb 3" |=
 =20
grep "from=3D<alist-mNDKBlG2WHs at public.gmane.org'

But, on sendmail, since the to and from are in different log messages,=20
it is more difficult.

--=20
Jerry Feldman <gaf-mNDKBlG2WHs at public.gmane.org>
Boston Linux and Unix
PGP key id: 537C5846
PGP Key fingerprint: 3D1B 8377 A3C0 A5F2 ECBB  CA3B 4607 4319 537C 5846







More information about the Discuss mailing list