I am running a FreeBSD server and I have been sent a warning that spam has been sent from my server. I do not have it set as an open relay and I have customized the sendmail configuration. I'd like to know who is sending what email along with their username, email subject line as well as a summary of how much mail they have been sending. I would like to run a report on a log similar to how it is done when processing Apache server logs.
What are my options?
This log is usually logged via syslog to /var/log/mail.log. If you're running systemd with syslog support disabled, you'll have to run journalctl -u <unitname>, where <unitname> is the name of your MTA's systemd unit, e.g. postfix or exim or sendmail.
Checking whether SMTP is working from the command line (Linux) is one critical aspect to consider while setting up an email server. The most common way of checking SMTP from the command line is using the telnet, openssl or ncat (nc) command.
The sendmail command reads standard input for message text. The sendmail command sends a copy of the message to all addresses listed whenever it reads an end of the message character. The end of the message character is either an end-of-file (Ctrl-D) control sequence or a single period on a line.
As others have noted below, on most systems it's /var/log/maillog. On Solaris it's /var/adm/maillog. On Debian/Ubuntu it's /var/log/mail.log (note the dot).
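A per-sender report over the mail log named above, as an added example that is not part of the original answers. It assumes sendmail's usual from=/to= syslog lines; the sample lines are constructed and the function names are hypothetical.

```python
import re
from collections import Counter, defaultdict
# Constructed sample lines in sendmail's usual syslog layout (not from a real server).
SAMPLE_LOG = """\
Mar  3 02:10:01 mx sendmail[4101]: q2301AAA004101: from=www, size=812, class=0, nrcpts=40, msgid=<a1@mx.example.com>, relay=www@localhost
Mar  3 02:10:02 mx sendmail[4102]: q2301AAA004101: to=<x1@example.net>, ctladdr=www (80/80), delay=00:00:01, mailer=esmtp, relay=mx.example.net. [192.0.2.10], dsn=2.0.0, stat=Sent (ok)
Mar  3 02:10:03 mx sendmail[4102]: q2301AAA004101: to=<x2@example.org>, ctladdr=www (80/80), delay=00:00:02, mailer=esmtp, relay=mx.example.org. [192.0.2.20], dsn=4.0.0, stat=Deferred: Connection timed out
Mar  3 02:11:00 mx sendmail[4110]: q2301BBB004110: from=www, size=790, class=0, nrcpts=35, msgid=<a2@mx.example.com>, relay=www@localhost
Mar  3 09:30:12 mx sendmail[5200]: q2309CCC005200: from=<alice@example.com>, size=2048, class=0, nrcpts=1, msgid=<b1@example.com>, proto=ESMTP, daemon=MTA, relay=client.example.com [198.51.100.7]
Mar  3 09:30:13 mx sendmail[5201]: q2309CCC005200: to=<bob@example.net>, ctladdr=<alice@example.com> (1001/1001), delay=00:00:01, mailer=esmtp, relay=mx.example.net. [192.0.2.10], dsn=2.0.0, stat=Sent (ok)
"""

# "<queue id>: from=..." opens a message; "<queue id>: to=..." records a delivery attempt.
LINE = re.compile(r"sendmail\[\d+\]: (?P<qid>\w+): (?P<rest>(?:from|to)=.*)$")

def fields(rest):
    """Split 'key=value, key=value' into a dict, keeping the first value per key."""
    out = {}
    for part in rest.split(", "):
        key, sep, value = part.partition("=")
        if sep:
            out.setdefault(key, value)
    return out

def summarize(lines):
    """Return {sender: totals}, joining from= and to= lines on the queue id."""
    senders = defaultdict(lambda: {"messages": 0, "recipients": 0, "bytes": 0,
                                   "relays": set(), "stat": Counter()})
    owner = {}  # queue id -> sender that submitted it
    for line in lines:
        m = LINE.search(line)
        if not m:
            continue
        f = fields(m["rest"])
        if "from" in f:
            sender = f["from"].strip("<>") or "<>"  # "<>" is the null (bounce) sender
            owner[m["qid"]] = sender
            s = senders[sender]
            s["messages"] += 1
            s["recipients"] += int(f.get("nrcpts", 0))
            s["bytes"] += int(f.get("size", 0))
            s["relays"].add(f.get("relay", "?"))  # user@localhost means local submission
        elif m["qid"] in owner:
            senders[owner[m["qid"]]]["stat"][re.split(r"[ :]", f.get("stat", "?"))[0]] += 1
    return senders

if __name__ == "__main__":
    report = summarize(SAMPLE_LOG.splitlines())
    for sender, s in sorted(report.items(), key=lambda kv: -kv[1]["recipients"]):
        print(sender, s["messages"], s["recipients"], s["bytes"], sorted(s["relays"]), dict(s["stat"]))
```

To run it on a real log, pass `open(path)` to `summarize()` in place of the sample. The from=/to= lines shown here carry no subject, so the report covers who sent and how much.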
One idea is to alias sendmail to be a custom script, which simply cats the sendmail arguments to the end of a log before calling sendmail in the usual manner.
You can also monitor all system calls to the write and read functions by executing:
ps auxw | grep sendmail | awk '{print"-p " $2}' | xargs strace -s 256 -f 2>&1 | grep -E $'@|(([0-9]+\.){3}[0-9]+)' | tee -a "/var/log/sendmail-logs.log"
This will give you direct access to the information; you cannot go deeper, I think.