From: Tuareg
To: Lane
Cc: freebsd-questions@freebsd.org
Date: Wed, 13 Dec 2006 17:22:41 -0600
Subject: Re: how do I see security logs without turning on sendmail?
Message-ID: <7a4a15bd0612131522t2942b44bo4412d1e16c6ed2e6@mail.gmail.com>
In-Reply-To: <200612131657.18164.lane@joeandlane.com>

On 12/13/06, Lane wrote:
>
> Tuareg,
>
> Yours is a mystery.

Exactly... I can't find how the server is sending the emails without having sendmail active.

> Let's see the output of
>
> tail -200 /var/log/maillog
>
> from the working machine.

Ok, here we go....

Dec 13 00:00:00 myhost newsyslog[41433]: logfile turned over
Dec 13 00:00:02 myhost sendmail[41485]: gethostbyaddr(xxx.xxx.xxx.xxx) failed: 1
Dec 13 00:00:02 myhost sendmail[41485]: kBD602j41485: from=root, size=137, class=0, nrcpts=1, msgid=< 200612130600.kBD602j41485@server.FreeBSD.4.6-RELEASE>, relay=root@localhost
Dec 13 00:00:03 myhost sendmail[41488]: kBD602j41485: to= user@main.server.com, ctladdr=root (0/0), delay=00:00:01, xdelay=00:00:01, mailer=esmtp, pri=30137, relay=main.server.com. [xxx.xxx.xxx.xxx], dsn=2.0.0, stat=Sent (AYP95973 Message accepted for delivery)
Dec 13 01:00:02 myhost sendmail[41626]: gethostbyaddr(xxx.xxx.xxx.xxx) failed: 1
Dec 13 01:00:03 myhost sendmail[41626]: kBD702J41626: from=root, size=137, class=0, nrcpts=1, msgid=< 200612130700.kBD702J41626@server.FreeBSD.4.6-RELEASE>, relay=root@localhost
Dec 13 01:00:04 myhost sendmail[41629]: kBD702J41626: to= user@main.server.com, ctladdr=root (0/0), delay=00:00:02, xdelay=00:00:01, mailer=esmtp, pri=30137, relay=main.server.com. [xxx.xxx.xxx.xxx], dsn=2.0.0, stat=Sent (AYM94014 Message accepted for delivery)
Dec 13 02:00:01 myhost sendmail[41741]: gethostbyaddr(xxx.xxx.xxx.xxx) failed: 1
Dec 13 02:00:01 myhost sendmail[41741]: kBD801C41741: from=root, size=137, class=0, nrcpts=1, msgid=< 200612130800.kBD801C41741@server.FreeBSD.4.6-RELEASE>, relay=root@localhost
Dec 13 02:00:02 myhost sendmail[41744]: kBD801C41741: to= user@main.server.com, ctladdr=root (0/0), delay=00:00:01, xdelay=00:00:01, mailer=esmtp, pri=30137, relay=main.server.com. [xxx.xxx.xxx.xxx], dsn=2.0.0, stat=Sent (AYQ08859 Message accepted for delivery)
Dec 13 03:00:01 myhost sendmail[41850]: gethostbyaddr(xxx.xxx.xxx.xxx) failed: 1
Dec 13 03:00:02 myhost sendmail[41850]: kBD901x41850: from=root, size=137, class=0, nrcpts=1, msgid=< 200612130900.kBD901x41850@server.FreeBSD.4.6-RELEASE>, relay=root@localhost
Dec 13 03:00:03 myhost sendmail[41853]: kBD901x41850: to= user@main.server.com, ctladdr=root (0/0), delay=00:00:02, xdelay=00:00:01, mailer=esmtp, pri=30137, relay=main.server.com. [xxx.xxx.xxx.xxx], dsn=2.0.0, stat=Sent (AYX97507 Message accepted for delivery)
Dec 13 04:00:01 myhost sendmail[41954]: gethostbyaddr(xxx.xxx.xxx.xxx) failed: 1
Dec 13 04:00:01 myhost sendmail[41954]: kBDA01S41954: from=root, size=137, class=0, nrcpts=1, msgid=< 200612131000.kBDA01S41954@server.FreeBSD.4.6-RELEASE>, relay=root@localhost
Dec 13 04:00:02 myhost sendmail[41957]: kBDA01S41954: to= user@main.server.com, ctladdr=root (0/0), delay=00:00:01, xdelay=00:00:01, mailer=esmtp, pri=30137, relay=main.server.com. [xxx.xxx.xxx.xxx], dsn=2.0.0, stat=Sent (AYN10182 Message accepted for delivery)
Dec 13 05:00:01 myhost sendmail[42057]: gethostbyaddr(xxx.xxx.xxx.xxx) failed: 1
Dec 13 05:00:02 myhost sendmail[42057]: kBDB01842057: from=root, size=137, class=0, nrcpts=1, msgid=< 200612131100.kBDB01842057@server.FreeBSD.4.6-RELEASE>, relay=root@localhost
Dec 13 05:00:03 myhost sendmail[42060]: kBDB01842057: to= user@main.server.com, ctladdr=root (0/0), delay=00:00:02, xdelay=00:00:01, mailer=esmtp, pri=30137, relay=main.server.com. [xxx.xxx.xxx.xxx], dsn=2.0.0, stat=Sent (AYY07081 Message accepted for delivery)
Dec 13 06:00:01 myhost sendmail[42160]: gethostbyaddr(xxx.xxx.xxx.xxx) failed: 1
Dec 13 06:00:01 myhost sendmail[42160]: kBDC01p42160: from=root, size=137, class=0, nrcpts=1, msgid=< 200612131200.kBDC01p42160@server.FreeBSD.4.6-RELEASE>, relay=root@localhost
Dec 13 06:00:02 myhost sendmail[42163]: kBDC01p42160: to= user@main.server.com, ctladdr=root (0/0), delay=00:00:01, xdelay=00:00:01, mailer=esmtp, pri=30137, relay=main.server.com. [xxx.xxx.xxx.xxx], dsn=2.0.0, stat=Sent (AYQ28469 Message accepted for delivery)
Dec 13 07:00:02 myhost sendmail[42257]: gethostbyaddr(xxx.xxx.xxx.xxx) failed: 1
Dec 13 07:00:02 myhost sendmail[42257]: kBDD02342257: from=root, size=137, class=0, nrcpts=1, msgid=< 200612131300.kBDD02342257@server.FreeBSD.4.6-RELEASE>, relay=root@localhost
Dec 13 07:00:03 myhost sendmail[42260]: kBDD02342257: to= user@main.server.com, ctladdr=root (0/0), delay=00:00:01, xdelay=00:00:01, mailer=esmtp, pri=30137, relay=main.server.com. [xxx.xxx.xxx.xxx], dsn=2.0.0, stat=Sent (AYY16076 Message accepted for delivery)
Dec 13 08:00:03 myhost sendmail[42364]: gethostbyaddr(xxx.xxx.xxx.xxx) failed: 1
Dec 13 08:00:03 myhost sendmail[42364]: kBDE03W42364: from=root, size=136, class=0, nrcpts=1, msgid=< 200612131400.kBDE03W42364@server.FreeBSD.4.6-RELEASE>, relay=root@localhost
Dec 13 08:00:05 myhost sendmail[42367]: kBDE03W42364: to= user@main.server.com, ctladdr=root (0/0), delay=00:00:02, xdelay=00:00:02, mailer=esmtp, pri=30136, relay=main.server.com. [xxx.xxx.xxx.xxx], dsn=2.0.0, stat=Sent (AYQ38182 Message accepted for delivery)
Dec 13 09:00:01 myhost sendmail[42461]: gethostbyaddr(xxx.xxx.xxx.xxx) failed: 1
Dec 13 09:00:01 myhost sendmail[42461]: kBDF01U42461: from=root, size=137, class=0, nrcpts=1, msgid=< 200612131500.kBDF01U42461@server.FreeBSD.4.6-RELEASE>, relay=root@localhost
Dec 13 09:00:02 myhost sendmail[42464]: kBDF01U42461: to= user@main.server.com, ctladdr=root (0/0), delay=00:00:01, xdelay=00:00:01, mailer=esmtp, pri=30137, relay=main.server.com. [xxx.xxx.xxx.xxx], dsn=2.0.0, stat=Sent (AYY26346 Message accepted for delivery)
Dec 13 10:00:02 myhost sendmail[42576]: gethostbyaddr(xxx.xxx.xxx.xxx) failed: 1
Dec 13 10:00:02 myhost sendmail[42576]: kBDG02i42576: from=root, size=137, class=0, nrcpts=1, msgid=< 200612131600.kBDG02i42576@server.FreeBSD.4.6-RELEASE>, relay=root@localhost
Dec 13 10:00:03 myhost sendmail[42579]: kBDG02i42576: to= user@main.server.com, ctladdr=root (0/0), delay=00:00:01, xdelay=00:00:01, mailer=esmtp, pri=30137, relay=main.server.com. [xxx.xxx.xxx.xxx], dsn=2.0.0, stat=Sent (AYQ48491 Message accepted for delivery)
Dec 13 11:00:02 myhost sendmail[42704]: gethostbyaddr(xxx.xxx.xxx.xxx) failed: 1
Dec 13 11:00:02 myhost sendmail[42704]: kBDH02T42704: from=root, size=136, class=0, nrcpts=1, msgid=< 200612131700.kBDH02T42704@server.FreeBSD.4.6-RELEASE>, relay=root@localhost
Dec 13 11:00:03 myhost sendmail[42707]: kBDH02T42704: to= user@main.server.com, ctladdr=root (0/0), delay=00:00:01, xdelay=00:00:01, mailer=esmtp, pri=30136, relay=main.server.com. [xxx.xxx.xxx.xxx], dsn=2.0.0, stat=Sent (AYQ55071 Message accepted for delivery)
Dec 13 12:00:01 myhost sendmail[42831]: gethostbyaddr(xxx.xxx.xxx.xxx) failed: 1
Dec 13 12:00:02 myhost sendmail[42831]: kBDI01Z42831: from=root, size=137, class=0, nrcpts=1, msgid=< 200612131800.kBDI01Z42831@server.FreeBSD.4.6-RELEASE>, relay=root@localhost
Dec 13 12:00:04 myhost sendmail[42834]: kBDI01Z42831: to= user@main.server.com, ctladdr=root (0/0), delay=00:00:02, xdelay=00:00:02, mailer=esmtp, pri=30137, relay=main.server.com. [xxx.xxx.xxx.xxx], dsn=2.0.0, stat=Sent (AYY46161 Message accepted for delivery)
Dec 13 13:00:04 myhost sendmail[42960]: gethostbyaddr(xxx.xxx.xxx.xxx) failed: 1
Dec 13 13:00:04 myhost sendmail[42960]: kBDJ04Q42960: from=root, size=137, class=0, nrcpts=1, msgid=< 200612131900.kBDJ04Q42960@server.FreeBSD.4.6-RELEASE>, relay=root@localhost
Dec 13 13:00:07 myhost sendmail[42963]: kBDJ04Q42960: to= user@main.server.com, ctladdr=root (0/0), delay=00:00:03, xdelay=00:00:03, mailer=esmtp, pri=30137, relay=main.server.com. [xxx.xxx.xxx.xxx], dsn=2.0.0, stat=Sent (BAQ62230 Message accepted for delivery)
Dec 13 14:00:01 myhost sendmail[43094]: gethostbyaddr(xxx.xxx.xxx.xxx) failed: 1
Dec 13 14:00:01 myhost sendmail[43094]: kBDK01143094: from=root, size=137, class=0, nrcpts=1, msgid=< 200612132000.kBDK01143094@server.FreeBSD.4.6-RELEASE>, relay=root@localhost
Dec 13 14:00:02 myhost sendmail[43097]: kBDK01143094: to= user@main.server.com, ctladdr=root (0/0), delay=00:00:01, xdelay=00:00:01, mailer=esmtp, pri=30137, relay=main.server.com. [xxx.xxx.xxx.xxx], dsn=2.0.0, stat=Sent (BAQ70563 Message accepted for delivery)
Dec 13 15:00:02 myhost sendmail[43227]: gethostbyaddr(xxx.xxx.xxx.xxx) failed: 1
Dec 13 15:00:02 myhost sendmail[43227]: kBDL02q43227: from=root, size=137, class=0, nrcpts=1, msgid=< 200612132100.kBDL02q43227@server.FreeBSD.4.6-RELEASE>, relay=root@localhost
Dec 13 15:00:03 myhost sendmail[43230]: kBDL02q43227: to= user@main.server.com, ctladdr=root (0/0), delay=00:00:01, xdelay=00:00:01, mailer=esmtp, pri=30137, relay=main.server.com. [xxx.xxx.xxx.xxx], dsn=2.0.0, stat=Sent (AYQ87242 Message accepted for delivery)
Dec 13 16:00:02 myhost sendmail[43362]: gethostbyaddr(xxx.xxx.xxx.xxx) failed: 1
Dec 13 16:00:02 myhost sendmail[43362]: kBDM02G43362: from=root, size=137, class=0, nrcpts=1, msgid=< 200612132200.kBDM02G43362@server.FreeBSD.4.6-RELEASE>, relay=root@localhost
Dec 13 16:00:03 myhost sendmail[43365]: kBDM02G43362: to= user@main.server.com, ctladdr=root (0/0), delay=00:00:01, xdelay=00:00:01, mailer=esmtp, pri=30137, relay=main.server.com. [xxx.xxx.xxx.xxx], dsn=2.0.0, stat=Sent (AYN86757 Message accepted for delivery)
Dec 13 17:00:02 myhost sendmail[43495]: gethostbyaddr(xxx.xxx.xxx.xxx) failed: 1
Dec 13 17:00:03 myhost sendmail[43495]: kBDN02743495: from=root, size=137, class=0, nrcpts=1, msgid=<200612132300.kBDN027434 95@server.FreeBSD.4.6-RELEASE>, relay=root@localhost
Dec 13 17:00:04 myhost sendmail[43498]: kBDN02743495: to= user@main.server.com, ctladdr=root (0/0), delay=00:00:02, xdelay=00:00:01, mailer=esmtp, pri=30137, relay=main.server.com. [xxx.xxx.xxx.xxx], dsn=2.0.0, stat=Sent (AYY85233 Message accepted for delivery)

> Clearly there is no mta being started on boot. But I'm not familiar enough
> with squid to say for sure that it is not the daemon in question. It may be
> that squid is configurable so that it could be delivering the log messages.
>
> I'll make it and see what I can see.
>
> In the mean time, if anyone else has some ready experience to say for certain
> that this is probably what's happening, then jump right in.
>
> lane

Thank you very much for your help.
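
Added example (not part of the original message and not code from anyone in the thread): a maillog like the one above can be correlated by sendmail queue ID to show who submits each message, from where, how often, and under which process IDs. The sample lines are constructed in the shape of the excerpt, and the year passed to the parser is an assumption because syslog timestamps omit it.

```python
import re
from datetime import datetime

# Constructed sample modelled on the maillog excerpt above (addresses redacted as on the page).
SAMPLE = """\
Dec 13 00:00:02 myhost sendmail[41485]: gethostbyaddr(xxx.xxx.xxx.xxx) failed: 1
Dec 13 00:00:02 myhost sendmail[41485]: kBD602j41485: from=root, size=137, class=0, nrcpts=1, relay=root@localhost
Dec 13 00:00:03 myhost sendmail[41488]: kBD602j41485: to=user@main.server.com, ctladdr=root (0/0), mailer=esmtp, relay=main.server.com. [xxx.xxx.xxx.xxx], dsn=2.0.0, stat=Sent (AYP95973 Message accepted for delivery)
Dec 13 01:00:03 myhost sendmail[41626]: kBD702J41626: from=root, size=137, class=0, nrcpts=1, relay=root@localhost
Dec 13 01:00:04 myhost sendmail[41629]: kBD702J41626: to=user@main.server.com, ctladdr=root (0/0), mailer=esmtp, relay=main.server.com. [xxx.xxx.xxx.xxx], dsn=2.0.0, stat=Sent (AYM94014 Message accepted for delivery)
Dec 13 02:00:01 myhost sendmail[41741]: kBD801C41741: from=root, size=137, class=0, nrcpts=1, relay=root@localhost
Dec 13 02:00:02 myhost sendmail[41744]: kBD801C41741: to=user@main.server.com, ctladdr=root (0/0), mailer=esmtp, relay=main.server.com. [xxx.xxx.xxx.xxx], dsn=2.0.0, stat=Sent (AYQ08859 Message accepted for delivery)
"""

ENTRY = re.compile(r"^(\w{3}\s+\d+ [\d:]{8}) \S+ sendmail\[(\d+)\]: (\w+): (.*)$")

def correlate(text, year=2006):
    """Join the from= and to= records that share a sendmail queue ID."""
    msgs = {}
    for line in text.splitlines():
        m = ENTRY.match(line)
        if not m:  # e.g. gethostbyaddr warnings carry no queue ID
            continue
        stamp, pid, qid, rest = m.groups()
        fields = dict(kv.split("=", 1) for kv in rest.split(", ") if "=" in kv)
        rec = msgs.setdefault(qid, {"pids": set()})
        rec["pids"].add(int(pid))
        if "from" in fields:
            # syslog omits the year; the caller supplies it (assumption)
            rec["submitted"] = datetime.strptime(f"{year} {stamp}", "%Y %b %d %H:%M:%S")
            rec["sender"], rec["origin"] = fields["from"], fields.get("relay", "")
        elif "to" in fields:
            rec["next_hop"] = fields.get("relay", "").split(" ")[0].rstrip(".")
            rec["stat"] = fields.get("stat", "")
    return msgs

def summarize(msgs):
    """Report what the log alone shows: who submits, from where, how often, to which relay."""
    done = sorted((r for r in msgs.values() if "submitted" in r), key=lambda r: r["submitted"])
    gaps = [round((b["submitted"] - a["submitted"]).total_seconds() / 60)
            for a, b in zip(done, done[1:])]
    return {
        "messages": len(done),
        "senders": sorted({r["sender"] for r in done}),
        "local_only": all(r["origin"].endswith("@localhost") for r in done),
        "next_hops": sorted({r.get("next_hop", "") for r in done}),
        "gap_minutes": sorted(set(gaps)),
        "distinct_pids": len({p for r in done for p in r["pids"]}),
    }
```

On input shaped like the excerpt, the summary shows root submitting from localhost once an hour, with a different sendmail PID on every submission and delivery record rather than one long-lived daemon PID.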