[Logwatch] logwatch for postfix

Farkas Levente lfarkas at bppiac.hu
Sun Sep 9 02:29:34 MST 2007


hi,
we run on our centos server logwatch for postfix services too. but
unfortunately it generates a lots of usefulness info. is there any way to
delete them. imho these are bugs in logwatch and should have to be fixed.
the most annoying two examples:
lots of such lines
---------------------------------------------
 **Unmatched Entries**
        2   Sep  5 03:38:39 alpha postfix/smtpd[31077]:
fingerprint=18:C6:FA:7A:E7:A2:21:04:3F:26:E2:A8:D6:A3:46:33
---------------------------------------------
which comes from the fact that the smtp server communicating with each
other via TLS, from the log:
---------------------------------------------
Sep  2 04:03:25 alpha postfix/smtpd[21446]: connect from
ns2.name-server.hu[213.253.216.144]
Sep  2 04:03:25 alpha postfix/smtpd[21446]: setting up TLS connection from
ns2.name-server.hu[213.253.216.144]
Sep  2 04:03:25 alpha postfix/smtpd[21446]:
fingerprint=18:C6:FA:7A:E7:A2:21:04:3F:26:E2:A8:D6:A3:46:33
Sep  2 04:03:25 alpha postfix/smtpd[21446]: Verified:
subject_CN=mx1.mail-server.hu, issuer=CAcert Class 3 Root
Sep  2 04:03:25 alpha postfix/smtpd[21446]: TLS connection established
from ns2.name-server.hu[213.253.216.144]: TLSv1 with cipher
DHE-RSA-AES256-SHA (256/25
6 bits)
Sep  2 04:03:25 alpha postfix/smtpd[21446]: 1F89A85974:
client=ns2.name-server.hu[213.253.216.144]
Sep  2 04:03:25 alpha postfix/cleanup[21363]: 1F89A85974:
message-id=<20070902020322.2D1655D00C5 at dejavu.zalavary.hu>
Sep  2 04:03:26 alpha postfix/qmgr[19347]: 1F89A85974:
from=<root at dejavu.zalavary.hu>, size=14997, nrcpt=1 (queue active) Sep  2
04:03:26 alpha postfix/smtpd[21446]: disconnect from
ns2.name-server.hu[213.253.216.144]
---------------------------------------------

the other problem when amavis virus scanner running on the firewall:
---------------------------------------------
 **Unmatched Entries**
        1   Sep  5 19:29:48 portal postfix/smtpd[21478]: E2C8D376656:
reject: DATA from localhost[127.0.0.1]: 550 5.5.3 <DATA>: Data command
rejected: Multi-recipient bounce; from=<> proto=ESMTP helo=<localhost>
---------------------------------------------
in this case the log file contains:
---------------------------------------------
Sep  2 04:18:33 portal postfix/smtpd[28519]: connect from
localhost[127.0.0.1]
Sep  2 04:18:33 portal postfix/smtpd[28519]: 0D3AE376627:
client=localhost[127.0.0.1]
Sep  2 04:18:33 portal postfix/smtpd[28519]: 0D3AE376627: reject: DATA
from localhost[127.0.0.1]: 550 5.5.3 <DATA>: Data command rejected:
Multi-recipient bo
unce; from=<> proto=ESMTP helo=<localhost>
Sep  2 04:18:33 portal postfix/smtpd[28519]: disconnect from
localhost[127.0.0.1]
---------------------------------------------
thanks in advance.

-- 
  Levente                               "Si vis pacem para bellum!"






More information about the Logwatch mailing list