[Logwatch-Devel] sendmail counts

Bjorn L. bjorn at mblmail.net
Wed Dec 29 20:05:21 MST 2004

I submitted a large set of patches for sendmail a few days ago
to logwatch-patches at logwatch.org.  I then started looking at the
message/recipients/size counts, and I think they are not correct.

I am willing to contribute the code, but I wanted to post to this group
since it entails using a very different approach.  If this is not the
proper forum for this discussion, let me know.

I believe that:

a) the total counts for messages and message bytes are correct.

b) the counts for recipients are not correct.  This is because some
   recipients are added through alias expansion (and cloning) and
   recipients are deleted because of duplication through alias expansion.

c) the section on "domains" is not correct.  It purports to seek domain
   names in the local-host-names file, when in reality most of the those
   entries are probably aliases for the current host.  Similarly for the
   search through the access file: the search patterns will only find
   some relevant domain names, and only if the old format is used.

   To do a proper listing of domains, several other files need to be
   searched and parsed: domaintable, virtusertable, mailertable, and
   the sendmail.cf itself.

d) the listing of messages by domain is misleading anyway.  The code
   looks at the destination info for the first recipient, and ascribes
   the same property (Incoming, Outgoing, Internal) to the other
   recipients of the same message.  Essentially, the definition of
   message and recipient is commingled.

e) Local mail (without a host or domain name) messages are not counted
    at all.

f) Relay messages that don't match some entries in the access file (old
    format) are not counted at all.

Because I believe that solving issues b) and c) correctly would require
very complex code (essentially, re-implementing sendmail's discovery
of aliases, final recipients, host names, mapped names, access rules,
etc.), I suggest that we simply create a listing by mailer type, which
is provided in the maillog file.

Fortunately, that is a lot easier to do, and I think provides most of
the information originally intended:

- local/prog/file mailers are for messages to this machine
- smtp and related mailers are for messages to other machines
- the relay mailer is tricker, though, because it's not readily
   obvious - it can be for both local and external recipients

(The above are the most common, but of course users can define their
own mailers in sendmail.)

Comments appreciated.

More information about the Logwatch-Devel mailing list