On Wed, 21 Jan 1998, Sherwood Botsford wrote:
> A command line flag from exim that said "What would you do with
> <address>" and modifying the function code so that if this flag was set,
> it would log a message as a side effect.
Yes, that was exactly the suggestion I noted from the previous
discussion.
> Problem is that every one of these checks that you add slows down
> exim. And with the spam problem being what it is, making exim fast
> becomes more significant.
True, but machines are getting faster all the time, and little boolean
tests are not great consumers of processor time, compared with setting
up TCP/IP connections, doing DNS lookups, opening/reading files, etc.,
all of which Exim does a lot of.
> Perhaps the long term solution is to split exim into two programs.
> One is a production program that is used for routine. The other is exim-diag
> with all the debug/testing/administation code in it.
For some programs (e.g. my PCRE library) being able to compile with and
without debugging code makes a lot of sense. I'm not sure the same is
true with an MTA, because when you want to see what it is doing, you
want simply to turn on the debugging output in the production binary,
without having to run (or even compile) a different program. A different
program may do different things...
> This also makes the production code smaller, and easier to check
> for security.
I wonder, out of interest, what percentage of Exim code would vanish if
all the DEBUG(x) statements were omitted? I suspect not a huge amount.
Perhaps I should have surrounded all of these with #ifdef INCLUDE_DEBUG,
so that we could find out...
> I've found some programs that debug instead of being monotonic,
> works by flags. Thatis
>
> 1=file opens
> 2=dbm searches
> 4=changining euid/egid
> 10=SMTP transaction
> 20=DNS lookups
> 40=local delivery
> 100=...
>
> (I'm not advocating this list in particular.)
>
> Then if you are trying to spot a particular problem you invoke
> exim with a particular flag. E.g. exim -d30 would run with DSN
> and SMTP being logged.
As I'm sure you are aware, the current -d options just give more and
more information depending on the value of the argument. I must say that
for myself, I find I either use -d to get minimal information, or -d9 to
get all of it (occasionally -d10 to get DNS resolver debugging). Would
people really pay attention to a long list so that they would use values
like -d1057?
--
Philip Hazel University Computing Service,
ph10@??? New Museums Site, Cambridge CB2 3QG,
P.Hazel@??? England. Phone: +44 1223 334714
--
*** Exim information can be found at
http://www.exim.org/ ***
