View Single Post
  #3  
Old 21st October 2006, 15:27
jwan jwan is offline
Junior Member
 
Join Date: Oct 2006
Posts: 23
Thanks: 0
Thanked 0 Times in 0 Posts
Default

here is sample log...

*note: web1_user1, web2_user2, domain1.com, domain2.com where all renamed for security reason, all does exist

Oct 21 21:13:28 ubuntu courierpop3login: Connection, ip=[::ffff:127.0.0.1]
Oct 21 21:13:28 ubuntu courierpop3login: LOGIN, user=web1_user, ip=[::ffff:127.0.0.1]
Oct 21 21:13:28 ubuntu courierpop3login: LOGOUT, user=web1_user, ip=[::ffff:127.0.0.1], top=8485, retr=0, time=0
Oct 21 21:15:26 ubuntu courierpop3login: Connection, ip=[::ffff:127.0.0.1]
Oct 21 21:15:26 ubuntu courierpop3login: LOGIN, user=web1_user, ip=[::ffff:127.0.0.1]
Oct 21 21:15:27 ubuntu courierpop3login: LOGOUT, user=web1_user, ip=[::ffff:127.0.0.1], top=8055, retr=0, time=1
Oct 21 21:15:49 ubuntu postfix/smtpd[19781]: connect from localhost.localdomain[127.0.0.1]
Oct 21 21:15:49 ubuntu postfix/smtpd[19781]: BE39CFF4134: client=localhost.localdomain[127.0.0.1]
Oct 21 21:15:49 ubuntu postfix/cleanup[19782]: BE39CFF4134: message-id=<20061021131549.BE39CFF4134@ubuntu.domain1.com>
Oct 21 21:15:49 ubuntu postfix/qmgr[23325]: BE39CFF4134: from=<user@domain1.com>, size=779, nrcpt=1 (queue active)
Oct 21 21:15:49 ubuntu postfix/smtpd[19781]: disconnect from localhost.localdomain[127.0.0.1]
Oct 21 21:15:49 ubuntu courierpop3login: Connection, ip=[::ffff:127.0.0.1]
Oct 21 21:15:49 ubuntu courierpop3login: LOGIN, user=web1_user, ip=[::ffff:127.0.0.1]
Oct 21 21:15:49 ubuntu courierpop3login: LOGOUT, user=web1_user, ip=[::ffff:127.0.0.1], top=0, retr=0, time=0
Oct 21 21:16:00 ubuntu postfix/smtpd[19781]: connect from c-71-235-122-79.hsd1.ma.comcast.net[71.235.122.79]
Oct 21 21:16:01 ubuntu postfix/smtpd[19781]: 73FC2FF4420: client=c-71-235-122-79.hsd1.ma.comcast.net[71.235.122.79]
Oct 21 21:16:02 ubuntu postfix/smtp[19783]: BE39CFF4134: to=<user@domain2.com>, relay=mail.systembay.com[210.213.196.95], delay=13, status=sent (250 Ok: queued as 118926D0066)
Oct 21 21:16:02 ubuntu postfix/qmgr[23325]: BE39CFF4134: removed
Oct 21 21:16:02 ubuntu postfix/cleanup[19782]: 73FC2FF4420: message-id=<453A1D9D.3040300@pritikin.com>
Oct 21 21:16:03 ubuntu postfix/qmgr[23325]: 73FC2FF4420: from=<wclyzg@pritikin.com>, size=18513, nrcpt=1 (queue active)
Oct 21 21:16:04 ubuntu postfix/smtpd[19781]: disconnect from c-71-235-122-79.hsd1.ma.comcast.net[71.235.122.79]
Oct 21 21:16:04 ubuntu postfix/pickup[18482]: 42EA3FF45BF: uid=10009 from=<web1_user2>
Oct 21 21:16:04 ubuntu postfix/cleanup[19782]: 42EA3FF45BF: message-id=<20061021131604.42EA3FF45BF@ubuntu.domain1.com>
Oct 21 21:16:04 ubuntu postfix/qmgr[23325]: 42EA3FF45BF: from=<web1_user2@ubuntu.domain1.com>, size=412, nrcpt=1 (queue active)
Oct 21 21:16:04 ubuntu postfix/local[19820]: 42EA3FF45BF: to=<admispconfig@localhost.localdomain>, relay=local, delay=1, status=sent (delivered to command: /usr/bin/procmail -f-)
Oct 21 21:16:04 ubuntu postfix/qmgr[23325]: 42EA3FF45BF: removed
Oct 21 21:16:09 ubuntu postfix/local[19801]: 73FC2FF4420: to=<web1_user2@ubuntu.domain1.com>, orig_to=<user2@domain1.com>, relay=local, delay=8, status=sent (delivered to command: /usr/bin/procmail -f-)
Oct 21 21:16:09 ubuntu postfix/qmgr[23325]: 73FC2FF4420: removed

The above is a result of web1_user1 sending email to user@domain1.com to user@domain2.com. In the middle of operation perhaps somebody sending something to web1_user2.

Anyway, my problem is that the log is not very detailed. And yes, my mistake... should be /var/log/

jwan
Reply With Quote