Log for Debugging

Discussion in 'Installation/Configuration' started by jwan, Oct 21, 2006.

  1. jwan

    jwan New Member

    Hi All,

    I'm a newbie and followed perfect setup for ubuntu 6.06 with ispconfig and relayhost (relaying mails).

    All went fine for the first 5 days, then my mail all of sudden doesn't reach its recipient. I check the syslog and it say "status=sent". What I would like to know is how and where to troubleshoot and what software is responsible for what process?

    As far as I know, all logs are suppose to be under /etc/log/ but there are so many log files and I don't know where to look for. And the syslog is not very much detailed.

    How can I make each software (apache, mysql, postfix, spam, courier, procmail, bind dns, proftpd, pop3, smtp, imap, etc.) provide complete debug or perhaps control the level of debug info? and where are each log are stored?

    I believe this info would be useful to all newbies like me.

    jwan
     
  2. till

    till Super Moderator

    All logfiles are under /var/log and not /etc/log. Have a look at the mail lofile and post an excrpt of the log to the forum.
     
  3. jwan

    jwan New Member

    here is sample log...

    *note: web1_user1, web2_user2, domain1.com, domain2.com where all renamed for security reason, all does exist

    Oct 21 21:13:28 ubuntu courierpop3login: Connection, ip=[::ffff:127.0.0.1]
    Oct 21 21:13:28 ubuntu courierpop3login: LOGIN, user=web1_user, ip=[::ffff:127.0.0.1]
    Oct 21 21:13:28 ubuntu courierpop3login: LOGOUT, user=web1_user, ip=[::ffff:127.0.0.1], top=8485, retr=0, time=0
    Oct 21 21:15:26 ubuntu courierpop3login: Connection, ip=[::ffff:127.0.0.1]
    Oct 21 21:15:26 ubuntu courierpop3login: LOGIN, user=web1_user, ip=[::ffff:127.0.0.1]
    Oct 21 21:15:27 ubuntu courierpop3login: LOGOUT, user=web1_user, ip=[::ffff:127.0.0.1], top=8055, retr=0, time=1
    Oct 21 21:15:49 ubuntu postfix/smtpd[19781]: connect from localhost.localdomain[127.0.0.1]
    Oct 21 21:15:49 ubuntu postfix/smtpd[19781]: BE39CFF4134: client=localhost.localdomain[127.0.0.1]
    Oct 21 21:15:49 ubuntu postfix/cleanup[19782]: BE39CFF4134: message-id=<20061021131549.BE39CFF4134@ubuntu.domain1.com>
    Oct 21 21:15:49 ubuntu postfix/qmgr[23325]: BE39CFF4134: from=<user@domain1.com>, size=779, nrcpt=1 (queue active)
    Oct 21 21:15:49 ubuntu postfix/smtpd[19781]: disconnect from localhost.localdomain[127.0.0.1]
    Oct 21 21:15:49 ubuntu courierpop3login: Connection, ip=[::ffff:127.0.0.1]
    Oct 21 21:15:49 ubuntu courierpop3login: LOGIN, user=web1_user, ip=[::ffff:127.0.0.1]
    Oct 21 21:15:49 ubuntu courierpop3login: LOGOUT, user=web1_user, ip=[::ffff:127.0.0.1], top=0, retr=0, time=0
    Oct 21 21:16:00 ubuntu postfix/smtpd[19781]: connect from c-71-235-122-79.hsd1.ma.comcast.net[71.235.122.79]
    Oct 21 21:16:01 ubuntu postfix/smtpd[19781]: 73FC2FF4420: client=c-71-235-122-79.hsd1.ma.comcast.net[71.235.122.79]
    Oct 21 21:16:02 ubuntu postfix/smtp[19783]: BE39CFF4134: to=<user@domain2.com>, relay=mail.systembay.com[210.213.196.95], delay=13, status=sent (250 Ok: queued as 118926D0066)
    Oct 21 21:16:02 ubuntu postfix/qmgr[23325]: BE39CFF4134: removed
    Oct 21 21:16:02 ubuntu postfix/cleanup[19782]: 73FC2FF4420: message-id=<453A1D9D.3040300@pritikin.com>
    Oct 21 21:16:03 ubuntu postfix/qmgr[23325]: 73FC2FF4420: from=<wclyzg@pritikin.com>, size=18513, nrcpt=1 (queue active)
    Oct 21 21:16:04 ubuntu postfix/smtpd[19781]: disconnect from c-71-235-122-79.hsd1.ma.comcast.net[71.235.122.79]
    Oct 21 21:16:04 ubuntu postfix/pickup[18482]: 42EA3FF45BF: uid=10009 from=<web1_user2>
    Oct 21 21:16:04 ubuntu postfix/cleanup[19782]: 42EA3FF45BF: message-id=<20061021131604.42EA3FF45BF@ubuntu.domain1.com>
    Oct 21 21:16:04 ubuntu postfix/qmgr[23325]: 42EA3FF45BF: from=<web1_user2@ubuntu.domain1.com>, size=412, nrcpt=1 (queue active)
    Oct 21 21:16:04 ubuntu postfix/local[19820]: 42EA3FF45BF: to=<admispconfig@localhost.localdomain>, relay=local, delay=1, status=sent (delivered to command: /usr/bin/procmail -f-)
    Oct 21 21:16:04 ubuntu postfix/qmgr[23325]: 42EA3FF45BF: removed
    Oct 21 21:16:09 ubuntu postfix/local[19801]: 73FC2FF4420: to=<web1_user2@ubuntu.domain1.com>, orig_to=<user2@domain1.com>, relay=local, delay=8, status=sent (delivered to command: /usr/bin/procmail -f-)
    Oct 21 21:16:09 ubuntu postfix/qmgr[23325]: 73FC2FF4420: removed

    The above is a result of web1_user1 sending email to user@domain1.com to user@domain2.com. In the middle of operation perhaps somebody sending something to web1_user2.

    Anyway, my problem is that the log is not very detailed. And yes, my mistake... should be /var/log/

    jwan
     
  4. falko

    falko Super Moderator

    Does this happen when you send to external email addresses, or when you send to local email addresses? Because your mail log looks ok.
     
  5. jwan

    jwan New Member

    The sample log shows sending out. Sending local is ok. Btw, the log is not very informative, is there a way to increase the log details? if so, where to set?

    jwan
     
  6. falko

    falko Super Moderator

    Please check that the username and password for the relayserver are ok. Also contact your ISP and ask if they started to block port 25.
     

Share This Page