From owner-freebsd-questions Wed Nov 5 17:57:05 1997 Return-Path: Received: (from root@localhost) by hub.freebsd.org (8.8.7/8.8.7) id RAA28780 for questions-outgoing; Wed, 5 Nov 1997 17:57:05 -0800 (PST) (envelope-from owner-freebsd-questions) Received: from gdi.uoregon.edu (gdi.uoregon.edu [128.223.170.30]) by hub.freebsd.org (8.8.7/8.8.7) with ESMTP id RAA28768 for ; Wed, 5 Nov 1997 17:57:01 -0800 (PST) (envelope-from dwhite@gdi.uoregon.edu) Received: from localhost (dwhite@localhost) by gdi.uoregon.edu (8.8.7/8.8.7) with SMTP id RAA01641; Wed, 5 Nov 1997 17:56:49 -0800 (PST) (envelope-from dwhite@gdi.uoregon.edu) Date: Wed, 5 Nov 1997 17:56:49 -0800 (PST) From: Doug White Reply-To: Doug White To: chas cc: freebsd-questions@FreeBSD.ORG Subject: Re: exploding maillog In-Reply-To: <3.0.32.19971106005435.00980a80@neuronet.com.my> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-questions@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk On Thu, 6 Nov 1997, chas wrote: > /var/log/maillog is growing at about 1 MB every 15 minutes. > and is full of the same message : > > Nov 5 23:18:43 dove sendmail[12394]: XAA12394: from=, size=0, > class=0, pri=0, nrcpts=0, proto=SMTP, relay=[202.186.208.2] > Nov 5 23:18:43 dove sendmail[12395]: XAA12395: from=, size=0, > class=0, pri=0, nrcpts=0, proto=SMTP, relay=[202.186.208.2] > Nov 5 23:18:44 dove sendmail[12396]: XAA12396: from=, size=0, > class=0, pri=0, nrcpts=0, proto=SMTP, relay=[202.186.208.2] > > Can't do a reverse lookup on 202.186.208.2 but found out that > it is bridgestone.com.my (pinging this will resolve the IP fine) How nice. :-/ > Is the exploding maillog due to this mac's dns or mailer ? > Or is it also due to misconfiguration on my own machine ? THe machine sending you the message keeps dropping out. Either they're having serious problems or you have some sort of mail rule enabled that squashes them. > Before my /var filesystem fills yet again, is there any way to > turn off logging just for this one mailhost ? Or is there a better > way to deal with this (bearing in mind that we do want to receive > mail from bridgestone.com.my since we know people there) Set up a cron task to have newsyslog(8) turn maillog on a tight rotation. If you have more space on /usr and want to keep more of the logs, you could symlink maillog over there (or move the archives there). Doug White | University of Oregon Internet: dwhite@resnet.uoregon.edu | Residence Networking Assistant http://gladstone.uoregon.edu/~dwhite | Computer Science Major