Re: [exim] logging lmtp delivery

Kezdőlap
Üzenet törlése
Válasz az üzenetre
Szerző: W B Hacker
Dátum:  
Címzett: exim users
Tárgy: Re: [exim] logging lmtp delivery
Ian Eiloart wrote:
> Hi,
>
> I'm testing a configuration that uses local delivery to an lmtp socket, for
> the first time. Previously, I was delivery by lmtp over tcp.
>
> Deliveries are working fine, but not being logged. Why would that be?
>
> I have log_selector set to:
> log_selector = +all -incoming_port -pid
>
> A message delivery is logged like this:
>
> 01-27 16:05:50 SMTP connection from [139.184.32.17] I=[139.184.32.17]:25
>     (TCP/IP connection count = 1)

>
> 2009-01-27 16:05:57 KE50PW-000M44-HP H=eqsmtp.susx.ac.uk (foo)
>     [139.184.32.17] I=[139.184.32.17]:25 Warning: ; sender: 139.184.32.17 
> protocol:
>     smtp stc: s-unlimited return_path: foo@???
>     client: <EKE50PW-000M44-HP@???>

>
> 2009-01-27 16:05:57 KE50PW-000M44-HP <= foo@???
>     H=eqsmtp.susx.ac.uk (foo) [139.184.32.17] I=[139.184.32.17]:25
>     P=smtp S=413 T="test smtp on ramsay" from <foo@???> for 
> foo@???

>
> 2009-01-27 16:06:00 SMTP connection
>     from eqsmtp.susx.ac.uk (foo) [139.184.32.17] I=[139.184.32.17]:25
>     closed by QUIT

>
> (I've added whitespace, and replaced "iane" with "foo", but not otherwise
> obfuscated the log entries).
>
> My transport configuration looks like this:
>
> cyrus_lmtp_rew:
>     driver = lmtp
>     batch_max = 500
>     user = exim
>     rcpt_include_affixes
>     delivery_date_add
>     disable_logging = false
>     hide headers_remove = \
>         Bcc \
>         FNAME_REWRITE_REMOVAL \
>         REMOVE_LONG_HEADERS
>     hide headers_add = \
>         X-Sussex: true \
>         \nX-Sussex-transport: remote_lmtp_rew \
>         FNAME_REWRITE_REPLACEMENT \
>         REPLACE_LONG_HEADERS
>     socket = /opt/local/etc/cyrus/socket/lmtpproxy

>
> At first, I had no disable_logging setting, but the docs say it defaults to
> false. I tried adding disable_logging = false, then disable_logging = true,
> but none of these settings appears to make any difference.
>


That's a bit of a puzzle, IMHO.

The log of your post is why I think so:

2009-01-27 16:44:30 1LRr2o-0001DY-NX <=
exim-users-bounces+conducive.org@??? H=tahini.csx.cam.ac.uk
[131.111.8.192]:60433 I=[203.194.153.81]:25 P=esmtp S=4392
id=39F7381F15530AEA85CB9205@??? T="[exim]
logging lmtp delivery" from <exim-users-bounces+conducive.org@???>
for wbh@???

2009-01-27 16:44:30 1LRr2o-0001DY-NX => wbh <wbh@???>
F=<exim-users-bounces+conducive.org@???>
P=<exim-users-bounces+conducive.org@???> R=db_archiver
T=archive_delivery S=4527 QT=20s DT=0s

2009-01-27 16:44:30 1LRr2o-0001DY-NX => wbh <wbh@???>
F=<exim-users-bounces+conducive.org@???>
P=<exim-users-bounces+conducive.org@???> R=db_user T=db_delivery
S=3871 QT=20s DT=0s

2009-01-27 16:44:30 1LRr2o-0001DY-NX Completed QT=20s

Note the 'R=' and 'T=' above, showing both the to-user
(db_user/delivery) and to-archive with unseen
(db_archiver/archive_delivery).

All of these are file writes, TCP not involved.

'db' just indicates from whence the user info was sourced (as opposed to
shell, system aliases, et al).

What is similar is that your 'socket', also no-TCP-involved, and a type
of file write, should show its router and transport in a like manner.

Unless there is a selective bug where lmtp is involved...

And/or... Exim believes that any logging w/r that socket is syslog's
job, not Exim's?

EX: I use sockets for both SA and Clamd. Exim logs these *only* if it
cannot connect (if they are not running).

But both of them show Exim's connections in /var/log/maillog

Have you checked there?

Bill