#1  
Old 19th November 2006, 13:49
eldaria eldaria is offline
Junior Member
 
Join Date: Apr 2006
Posts: 27
Thanks: 0
Thanked 0 Times in 0 Posts
Question Postfix Spamming syslog.

I followed the Perfect Edgy setp, and have a bit of a nucians with postfix.

Is it possible to have postfix send all the smtp relqated reports to something else than /var/log/syslog?

The thing is on a busy system , I get so much stuff in syslog from postifx that it is difficult to find other system events.
It would be nicer if postfix would send it's information to something like /var/log/postifx and only log important info to syslog, such as startup and shutdown or errors.

Just an example of how much crap it log to syslog.
Code:
Nov 19 12:48:28 lnx1 postfix/smtpd[18279]: BDCEE9003C: client=216-114-50.132110.adsl.tele2.no[193.216.114.50]
Nov 19 12:48:29 lnx1 postfix/cleanup[18285]: BDCEE9003C: message-id=<1243264205.20061119063727@gmsoffers.com>
Nov 19 12:48:30 lnx1 postfix/qmgr[6024]: BDCEE9003C: from=<delta@gmsoffers.com>, size=9946, nrcpt=1 (queue active)
Nov 19 12:48:30 lnx1 postfix/pickup[17283]: 3413F90111: uid=10001 from=<web1_**removed*>
Nov 19 12:48:30 lnx1 postfix/cleanup[18285]: 3413F90111: message-id=<20061119114830.3413F90111@lnx1.**removed*.net>
Nov 19 12:48:30 lnx1 postfix/qmgr[6024]: 3413F90111: from=<web1_**removed*@lnx1.**removed*.net>, size=383, nrcpt=1 (queue active)
Nov 19 12:48:30 lnx1 postfix/local[18303]: 3413F90111: to=<admispconfig@localhost.localdomain>, relay=local, delay=0, status=sent (delivered to command: /usr/bin/procmail -f-)
Nov 19 12:48:30 lnx1 postfix/qmgr[6024]: 3413F90111: removed
Nov 19 12:48:30 lnx1 postfix/smtpd[18279]: NOQUEUE: reject: RCPT from 216-114-50.132110.adsl.tele2.no[193.216.114.50]: 550 <info@**removed*.net>: Recipient address rejected: User unknown in local recipient table; from=<istarnetl@grandeye.com> to=<info@**removed*.net> proto=SMTP helo=<143106416>
Nov 19 12:48:31 lnx1 postfix/smtpd[18279]: A52E39010F: client=216-114-50.132110.adsl.tele2.no[193.216.114.50]
Nov 19 12:48:32 lnx1 postfix/cleanup[18285]: A52E39010F: message-id=<1863876875.20061119063730@greeneandson.com>
Nov 19 12:48:33 lnx1 postfix/qmgr[6024]: A52E39010F: from=<istally@greeneandson.com>, size=9566, nrcpt=1 (queue active)
Nov 19 12:48:33 lnx1 postfix/pickup[17283]: B9F52901AD: uid=10001 from=<web1_**removed*>
Nov 19 12:48:33 lnx1 postfix/cleanup[18285]: B9F52901AD: message-id=<20061119114833.B9F52901AD@lnx1.**removed*.net>
Nov 19 12:48:33 lnx1 postfix/qmgr[6024]: B9F52901AD: from=<web1_**removed*@lnx1.**removed*.net>, size=383, nrcpt=1 (queue active)
Nov 19 12:48:33 lnx1 postfix/local[18337]: B9F52901AD: to=<admispconfig@localhost.localdomain>, relay=local, delay=0, status=sent (delivered to command: /usr/bin/procmail -f-)
Nov 19 12:48:33 lnx1 postfix/qmgr[6024]: B9F52901AD: removed
Nov 19 12:48:33 lnx1 postfix/smtpd[18279]: disconnect from 216-114-50.132110.adsl.tele2.no[193.216.114.50]
Nov 19 12:48:34 lnx1 postfix/local[18286]: BDCEE9003C: to=<web1_**removed*@lnx1.**removed*.net>, orig_to=<webmaster@**removed*.net>, relay=local, delay=6, status=sent (delivered to command: /usr/bin/procmail -f-)
Nov 19 12:48:34 lnx1 postfix/qmgr[6024]: BDCEE9003C: removed
Nov 19 12:48:37 lnx1 postfix/local[18303]: A52E39010F: to=<web1_**removed*@lnx1.**removed*.net>, orig_to=<**removed*@**removed*.net>, relay=local, delay=6, status=sent (delivered to command: /usr/bin/procmail -f-)
Nov 19 12:48:37 lnx1 postfix/qmgr[6024]: A52E39010F: removed
Nov 19 12:51:53 lnx1 postfix/anvil[18281]: statistics: max connection rate 1/60s for (smtp:193.216.114.50) at Nov 19 12:48:26
Nov 19 12:51:53 lnx1 postfix/anvil[18281]: statistics: max connection count 1 for (smtp:193.216.114.50) at Nov 19 12:48:26
Nov 19 12:51:53 lnx1 postfix/anvil[18281]: statistics: max cache size 1 at Nov 19 12:48:26
Nov 19 12:58:16 lnx1 postfix/smtpd[18485]: connect from unknown[192.168.1.3]
Nov 19 12:58:16 lnx1 postfix/smtpd[18485]: setting up TLS connection from unknown[192.168.1.3]
Nov 19 12:58:17 lnx1 postfix/smtpd[18485]: TLS connection established from unknown[192.168.1.3]: TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)
Nov 19 12:58:17 lnx1 postfix/smtpd[18485]: 2DEFA90117: client=unknown[192.168.1.3], sasl_method=PLAIN, sasl_username=web1_**removed*
Nov 19 12:58:17 lnx1 postfix/cleanup[18489]: 2DEFA90117: message-id=<200611191257.41403.**removed*@**removed*.net>
Nov 19 12:58:17 lnx1 postfix/qmgr[6024]: 2DEFA90117: from=<**removed*@**removed*.net>, size=5531, nrcpt=1 (queue active)
Nov 19 12:58:17 lnx1 postfix/smtpd[18485]: disconnect from unknown[192.168.1.3]
Nov 19 12:58:18 lnx1 postfix/smtp[18492]: 2DEFA90117: to=<**removed*.levinsen@bt.com>, relay=smtp.orange.nl[193.252.22.251], delay=1, status=sent (250 Ok: queued as 7EADD7000084)
Nov 19 12:58:18 lnx1 postfix/qmgr[6024]: 2DEFA90117: removed
Nov 19 13:00:01 lnx1 /USR/SBIN/CRON[18515]: (root) CMD (/root/ispconfig/php/php /root/ispconfig/scripts/shell/check_services.php &> /dev/null)
Nov 19 13:00:01 lnx1 proftpd[18518]: localhost.localdomain (localhost.localdomain[127.0.0.1]) - FTP session opened.
Nov 19 13:00:01 lnx1 proftpd[18518]: localhost.localdomain (localhost.localdomain[127.0.0.1]) - FTP session closed.
Nov 19 13:01:37 lnx1 postfix/anvil[18487]: statistics: max connection rate 1/60s for (smtp:192.168.1.3) at Nov 19 12:58:16
Nov 19 13:01:37 lnx1 postfix/anvil[18487]: statistics: max connection count 1 for (smtp:192.168.1.3) at Nov 19 12:58:16
Nov 19 13:01:37 lnx1 postfix/anvil[18487]: statistics: max cache size 1 at Nov 19 12:58:16
Nov 19 13:02:46 lnx1 postfix/smtpd[18559]: connect from 50.185.101-84.rev.gaoland.net[84.101.185.50]
Nov 19 13:02:47 lnx1 postfix/smtpd[18559]: NOQUEUE: reject: RCPT from 50.185.101-84.rev.gaoland.net[84.101.185.50]: 550 <jessica@**removed*.net>: Recipient address rejected: User unknown in local recipient table; from=<juhao@cbinet.com> to=<jessica@**removed*.net> proto=SMTP helo=<cbinet.com>
Nov 19 13:02:47 lnx1 postfix/smtpd[18559]: lost connection after RCPT from 50.185.101-84.rev.gaoland.net[84.101.185.50]
Nov 19 13:02:47 lnx1 postfix/smtpd[18559]: disconnect from 50.185.101-84.rev.gaoland.net[84.101.185.50]
Nov 19 13:04:58 lnx1 postfix/smtpd[18592]: connect from s87.loopia.se[194.9.94.113]
Nov 19 13:04:59 lnx1 postfix/smtpd[18592]: setting up TLS connection from s87.loopia.se[194.9.94.113]
Nov 19 13:04:59 lnx1 postfix/smtpd[18592]: TLS connection established from s87.loopia.se[194.9.94.113]: TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)
Nov 19 13:04:59 lnx1 postfix/smtpd[18592]: 928908C8E1: client=s87.loopia.se[194.9.94.113]
Nov 19 13:04:59 lnx1 postfix/cleanup[18593]: 928908C8E1: message-id=<7a9092a953186e14b456007041159dbb@www.**removed*.se>
Nov 19 13:04:59 lnx1 postfix/qmgr[6024]: 928908C8E1: from=<www@s59.loopia.se>, size=2278, nrcpt=1 (queue active)
Nov 19 13:04:59 lnx1 postfix/smtpd[18592]: disconnect from s87.loopia.se[194.9.94.113]
Nov 19 13:05:00 lnx1 postfix/pickup[17283]: 1955D90039: uid=10001 from=<web1_**removed*>
Nov 19 13:05:00 lnx1 postfix/cleanup[18593]: 1955D90039: message-id=<20061119120500.1955D90039@lnx1.**removed*.net>
Nov 19 13:05:00 lnx1 postfix/qmgr[6024]: 1955D90039: from=<web1_**removed*@lnx1.**removed*.net>, size=383, nrcpt=1 (queue active)
Nov 19 13:05:00 lnx1 postfix/local[18611]: 1955D90039: to=<admispconfig@localhost.localdomain>, relay=local, delay=0, status=sent (delivered to command: /usr/bin/procmail -f-)
Nov 19 13:05:00 lnx1 postfix/qmgr[6024]: 1955D90039: removed
Nov 19 13:05:07 lnx1 postfix/local[18594]: 928908C8E1: to=<web1_**removed*@lnx1.**removed*.net>, orig_to=<**removed*@**removed*.net>, relay=local, delay=8, status=sent (delivered to command: /usr/bin/procmail -f-)
Nov 19 13:05:07 lnx1 postfix/qmgr[6024]: 928908C8E1: removed
Nov 19 13:08:19 lnx1 postfix/anvil[18561]: statistics: max connection rate 1/60s for (smtp:84.101.185.50) at Nov 19 13:02:46
Nov 19 13:08:19 lnx1 postfix/anvil[18561]: statistics: max connection count 1 for (smtp:84.101.185.50) at Nov 19 13:02:46
Nov 19 13:08:19 lnx1 postfix/anvil[18561]: statistics: max cache size 1 at Nov 19 13:02:46
Nov 19 13:09:01 lnx1 /USR/SBIN/CRON[18677]: (root) CMD (  [ -d /var/lib/php5 ] && find /var/lib/php5/ -type f -cmin +$(/usr/lib/php5/maxlifetime) -print0 | xargs -r -0 rm)
Nov 19 13:14:45 lnx1 postfix/smtpd[18760]: connect from unknown[220.94.12.114]
Nov 19 13:14:47 lnx1 postfix/smtpd[18760]: 15C708FEEC: client=unknown[220.94.12.114]
Nov 19 13:14:47 lnx1 postfix/cleanup[18764]: 15C708FEEC: message-id=<000001c70bd4$457ada80$0100007f@lse>
Nov 19 13:14:48 lnx1 postfix/qmgr[6024]: 15C708FEEC: from=<walter@griffield.biz>, size=26383, nrcpt=1 (queue active)
Nov 19 13:14:48 lnx1 postfix/cleanup[18764]: ACAAA90460: message-id=<000001c70bd4$457ada80$0100007f@lse>
Nov 19 13:14:48 lnx1 postfix/local[18767]: 15C708FEEC: to=<web1_**removed*@lnx1.**removed*.net>, orig_to=<**removed*@**removed*.net>, relay=local, delay=2, status=sent (forwarded as ACAAA90460)
Nov 19 13:14:48 lnx1 postfix/qmgr[6024]: ACAAA90460: from=<walter@griffield.biz>, size=26520, nrcpt=1 (queue active)
Nov 19 13:14:48 lnx1 postfix/qmgr[6024]: 15C708FEEC: removed
Nov 19 13:14:49 lnx1 postfix/smtpd[18760]: disconnect from unknown[220.94.12.114]
Nov 19 13:14:49 lnx1 postfix/smtp[18768]: ACAAA90460: to=<**removed*@**removed*.com>, orig_to=<**removed*@**removed*.net>, relay=smtp.orange.nl[193.252.22.251], delay=1, status=sent (250 Ok: queued as A60EE7000089)
Nov 19 13:14:49 lnx1 postfix/qmgr[6024]: ACAAA90460: removed
Nov 19 13:17:01 lnx1 /USR/SBIN/CRON[18798]: (root) CMD (   run-parts --report /etc/cron.hourly)
Nov 19 13:17:03 lnx1 kernel: [46242.048591] EXT2-fs warning: mounting unchecked fs, running e2fsck is recommended
Nov 19 13:18:09 lnx1 postfix/anvil[18762]: statistics: max connection rate 1/60s for (smtp:220.94.12.114) at Nov 19 13:14:45
Nov 19 13:18:09 lnx1 postfix/anvil[18762]: statistics: max connection count 1 for (smtp:220.94.12.114) at Nov 19 13:14:45
Nov 19 13:18:09 lnx1 postfix/anvil[18762]: statistics: max cache size 1 at Nov 19 13:14:45
Reply With Quote
Sponsored Links
  #2  
Old 19th November 2006, 20:36
todgerme todgerme is offline
Member
 
Join Date: Dec 2005
Location: Belfast, Northern Ireland
Posts: 54
Thanks: 0
Thanked 1 Time in 1 Post
 
Default

Take a look at /etc/syslog.conf, to remove the mail logging from syslog make sure you have a line similar to the one below:


*.*;auth,authpriv.none;mail.none;mail.error -/var/log/syslog


Reboot/restart syslog server and hopefully logging be gone!

Last edited by todgerme; 20th November 2006 at 00:29.
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
IMAP question - Moving servers and mail. Brenton Installation/Configuration 11 14th May 2010 14:38
Occasional high load on the server. kanour General 5 21st November 2006 11:27
Centos 4.4 32bit Hangs, High Server load 3cwired_com Server Operation 11 16th November 2006 15:47
Verify email setup meekish Installation/Configuration 28 27th October 2006 15:36
postfix starts and stops why lhatle Installation/Configuration 2 21st December 2005 15:20


All times are GMT +2. The time now is 01:27.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.