[Logwatch-Devel] sendmail counts
bjorn at mblmail.net
Wed Dec 29 20:05:21 MST 2004
I submitted a large set of patches for sendmail a few days ago
to logwatch-patches at logwatch.org. I then started looking at the
message/recipients/size counts, and I think they are not correct.
I am willing to contribute the code, but I wanted to post to this group
since it entails using a very different approach. If this is not the
proper forum for this discussion, let me know.
I believe that:
a) the total counts for messages and message bytes are correct.
b) the counts for recipients are not correct. This is because some
recipients are added through alias expansion (and cloning) and
recipients are deleted because of duplication through alias expansion.
c) the section on "domains" is not correct. It purports to seek domain
names in the local-host-names file, when in reality most of the those
entries are probably aliases for the current host. Similarly for the
search through the access file: the search patterns will only find
some relevant domain names, and only if the old format is used.
To do a proper listing of domains, several other files need to be
searched and parsed: domaintable, virtusertable, mailertable, and
the sendmail.cf itself.
d) the listing of messages by domain is misleading anyway. The code
looks at the destination info for the first recipient, and ascribes
the same property (Incoming, Outgoing, Internal) to the other
recipients of the same message. Essentially, the definition of
message and recipient is commingled.
e) Local mail (without a host or domain name) messages are not counted
f) Relay messages that don't match some entries in the access file (old
format) are not counted at all.
Because I believe that solving issues b) and c) correctly would require
very complex code (essentially, re-implementing sendmail's discovery
of aliases, final recipients, host names, mapped names, access rules,
etc.), I suggest that we simply create a listing by mailer type, which
is provided in the maillog file.
Fortunately, that is a lot easier to do, and I think provides most of
the information originally intended:
- local/prog/file mailers are for messages to this machine
- smtp and related mailers are for messages to other machines
- the relay mailer is tricker, though, because it's not readily
obvious - it can be for both local and external recipients
(The above are the most common, but of course users can define their
own mailers in sendmail.)
More information about the Logwatch-Devel