Date: Wed, 13 Dec 2006 17:33:32 -0600 From: Lane <lane@joeandlane.com> To: freebsd-questions@freebsd.org Subject: Re: how do I see security logs without turning on sendmail? Message-ID: <200612131733.32763.lane@joeandlane.com> In-Reply-To: <7a4a15bd0612131522t2942b44bo4412d1e16c6ed2e6@mail.gmail.com> References: <20061206034909.27125.qmail@web37214.mail.mud.yahoo.com> <200612131657.18164.lane@joeandlane.com> <7a4a15bd0612131522t2942b44bo4412d1e16c6ed2e6@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wednesday 13 December 2006 17:22, Tuareg wrote: > On 12/13/06, Lane <lane@joeandlane.com> wrote: > > Tuareg, > > > > Yours is a mystery. > > Exactly... I can't find how the server is sending the emails without > having sendmail active. > > Let's see the output of > > > tail -200 /var/log/maillog > > > > from the working machine. > > Ok, here we go.... > > Dec 13 00:00:00 myhost newsyslog[41433]: logfile turned over > Dec 13 00:00:02 myhost sendmail[41485]: gethostbyaddr(xxx.xxx.xxx.xxx) > failed: 1 > Dec 13 00:00:02 myhost sendmail[41485]: kBD602j41485: from=root, size=137, > class=0, nrcpts=1, msgid=< > 200612130600.kBD602j41485@server.FreeBSD.4.6-RELEASE>, relay=root@localhost > Dec 13 00:00:03 myhost sendmail[41488]: kBD602j41485: to= > user@main.server.com, ctladdr=root (0/0), delay=00:00:01, xdelay=00:00:01, > mailer=esmtp, pri=30137, relay=main.server.com. [xxx.xxx.xxx.xxx], > dsn=2.0.0, stat=Sent (AYP95973 Message accepted for delivery) > Dec 13 01:00:02 myhost sendmail[41626]: gethostbyaddr(xxx.xxx.xxx.xxx) > failed: 1 > Dec 13 01:00:03 myhost sendmail[41626]: kBD702J41626: from=root, size=137, > class=0, nrcpts=1, msgid=< > 200612130700.kBD702J41626@server.FreeBSD.4.6-RELEASE>, relay=root@localhost > Dec 13 01:00:04 myhost sendmail[41629]: kBD702J41626: to= > user@main.server.com, ctladdr=root (0/0), delay=00:00:02, xdelay=00:00:01, > mailer=esmtp, pri=30137, relay=main.server.com. [xxx.xxx.xxx.xxx], > dsn=2.0.0, stat=Sent (AYM94014 Message accepted for delivery) Tuareg, clearly sendmail is running. That is indicated by "sendmail[41626]" in your /var/log/sendmail log. The question, of course, is how does it get started. The answer is still mysterious ... unless, of course, it is being managed by squid. In that case it might not be running as a daemon process, but could be invoked by squid when it needs to send mail. But I'm just guessing at this point. I really don't know enough about squid to give you an authoritative answer. I've got to step out for a few hours, but I'll see what I can find out on squid and get back to you in the morning. lane
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200612131733.32763.lane>