October 30, 2014
 
 
RSSRSS feed

Tuneups and Tweaks for the Better Spam-Trap - page 3

Postfix Soft Bounces

  • October 7, 2004
  • By Carla Schroder

Every piece of this puzzle has its own logfile. These are the logfiles to pay the most attention to:

  • /var/log/syslog
  • /var/log/amavis.log
  • /var/log/mail.log

Refer to /etc/syslog.conf to find the locations for your various syslogs. Amavisd-new should be configured to have its own logfile, instead of dumping everything into /var/log/syslog. See Section III in amavisd.conf:

# true (e.g. 1) => syslog;  false (e.g. 0) => logging to file
$DO_SYSLOG = 0;                 # (defaults to false)


# Log file (if not using syslog)
$LOGFILE = "/var/log/amavis.log"; 
$log_level =0;

The higher the log level, the more verbose. If you are having problems, kick it up to level 3 for debugging. It goes all the way up to level 5, if you really get stuck. Once everything is working smoothly, level 0 is fine. This records startup, exit, and failure messages, and lists viruses detected. You don't want to leave the log level high, unless you enjoy rapidly filling your drives, and generating oceans of output to wade through.

/var/log/mail.log is for Postfix. The different Postfix processes each generate their own log entries: master, smtpd, cleanup, qmgr, cleanup, postfix-script, and smtp. Here's snippet showing Amavisd-new and ClamAV starting up:

Aug 21 12:54:25 windbag amavis[973]: Using internal av scanner code for (primary) Clam Antivirus-clamd
Aug 21 12:54:25 windbag amavis[973]: Found secondary av scanner Clam Antivirus - clamscan at /usr/bin/clamscan
Aug 21 12:54:39 windbag postfix/postfix-script: starting the Postfix mail system
Aug 21 12:54:39 windbag postfix/master[1195]: daemon started -- version 2.1.3

Postfix has the loveliest way of setting your logging levels: if you have problems with a particular domain, you can increase the log level for that domain only. Let's say that mail from a user with a yahoo.com address is not getting through. In main.cf , use the debug_peer_level directive :

debug_peer_list = yahoo.com
debug_peer_level = 3

Run postfix reload, then send messages to your server from yahoo.com and see what happens. Use this simple regexp to quickly find errors in the Postfix log:

$ egrep '(reject|warning|error|fatal|panic):' /var/log/mail.log

See Postfix's DEBUG_README for a complete debugging howto.

Resources

[Editor's Note: This article orginally appeared on the Jupiterweb site Enterprise Networking Planet. -BKP]

Sitemap | Contact Us