• Introducing WebPros Cloud - a fully managed infrastructure platform purpose-built to simplify the deployment of WebPros products !  WebPros Cloud enables you to easily deliver WebPros solutions — without the complexity of managing the infrastructure.
    Join the pilot program today!
  • The Horde component is removed from Plesk Installer. We recommend switching to another webmail software supported in Plesk.
  • The BIND DNS server has already been deprecated and removed from Plesk for Windows.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS. We strongly recommend transitioning to Microsoft DNS within the next 6 weeks, before the Plesk 18.0.70 release.

maillog reader

D

dvdpa

Guest
Hi

Is there any sane way to read the qmail maillog to see what
a particular customer sent out.

Specifcally I want to see the addresses that the sender sent
the messages to. I suspect bulk mail and I want to be sure.

Thanks

Chuck
 
/usr/local/psa/var/log/maillog -- be forwarned, there is a LOT of data in this file. If you do view the file, please do NOT save any changes you make, as it can cause problems.
 
I copied the gziped files to another working dir so I could
go through them without risk of damage. Trouble is I am not sure how to associate who the sender sent the emails to.

In sendmail the structure is easily read but qmail scatters
the info. Is there a script/ method that makes it easier
to locate the info.

If I grep the email address of the sender I get a list of
single lines with that email address and a number.

If I grep that number I get info for this user and others, I just
want to isolate what messages were send by one person
over a 4 hour period.

Thanks

Chuck
 
grep qmail maillog | grep from | grep [email protected]

Example:
grep qmail maillog | grep from | grep [email protected]

Once you do this you may see something like this:
Aug 4 14:58:28 cartman qmail: 1154721508.299140 info msg 1744670: bytes 794 from <[email protected]> qp 30179 uid 2020

You could then search using the time stamp for each result from the above example, which in this case:
grep Aug maillog | grep 4 | grep 14:58:28

That will tell you more information. I'm sure you could write a simple script that looks for the qmail process, the from, the email address and the following 5 lines or so.

Here is the output using the example above:
> grep Aug maillog | grep 4 | grep 14:58:28
Aug 4 14:58:28 cartman relaylock: /usr/local/psa/qmail/bin/relaylock: mail from 72.5.196.253:1051 (outgoing.csglencoe.com)
Aug 4 14:58:28 cartman smtp_auth: SMTP connect from [email protected] [72.5.196.253]
Aug 4 14:58:28 cartman smtp_auth: smtp_auth: SMTP user jamesp : /usr/local/psa/qmail/mailnames/secondcitytech.com/jamesp logged in from [email protected] [72.5.196.253]
Aug 4 14:58:28 cartman qmail-queue[30178]: mail: all addreses are uncheckable - need to skip scanning (by deny mode)
Aug 4 14:58:28 cartman qmail-queue[30178]: scan: the message(drweb.tmp.alIm7M) sent by [email protected] to [email protected] should be passed without checks, because contains uncheckable addresses
Aug 4 14:58:28 cartman qmail: 1154721508.298889 new msg 1744670
Aug 4 14:58:28 cartman qmail: 1154721508.299140 info msg 1744670: bytes 794 from <[email protected]> qp 30179 uid 2020
Aug 4 14:58:28 cartman qmail: 1154721508.306339 starting delivery 1900: msg 1744670 to remote [email protected]
Aug 4 14:58:28 cartman qmail: 1154721508.306515 status: local 0/10 remote 1/20

The complete log entry for a sent message might look like this:
Aug 4 14:58:28 cartman qmail: 1154721508.298889 new msg 1744670
Aug 4 14:58:28 cartman qmail: 1154721508.299140 info msg 1744670: bytes 794 from <[email protected]> qp 30179 uid 2020
Aug 4 14:58:28 cartman qmail: 1154721508.306339 starting delivery 1900: msg 1744670 to remote [email protected]
Aug 4 14:58:28 cartman qmail: 1154721508.306515 status: local 0/10 remote 1/20
Aug 4 14:58:32 cartman qmail: 1154721512.421265 delivery 1900: success: 216.129.90.46_accepted_message./Remote_host_said:_250_OK_id
=1G95oW-0002WH-4F/
Aug 4 14:58:32 cartman qmail: 1154721512.423371 status: local 0/10 remote 0/20
Aug 4 14:58:32 cartman qmail: 1154721512.423818 end msg 1744670

I've noticed on my setup, the msgid is the same for all messages, so I don't see any other way than just filtering out the sender and process name and maybe even grepping for the date in question.

J




That will only show the qmail process log entries and not anything else. PSA dumps all mail information to this log so its hard to read. All courier, drweb, mailman, and qmail interaction related to mail is logged here.
 
I might write a perl script to do this now that I think of it.

I'll let you know my progress on it, if I have time to get to it this weekend.

J
 
You must log in or register to reply here.

Similar threads

Azurel
Issue Problems with Mailserver?
Replies
4
Views
871
Azurel
Azurel
B
Question Unable to Send Emails Using PHPMailer on Plesk Server
Replies
4
Views
1K
King555
K
F
Issue Relay access denied for root mails
Replies
3
Views
798
fliegerhermi
F
M
Issue Mail issue: Remote server returned '554 5.7.4 < # 5.7.4 SMTP; 554 5.7.4 failed to deliver message via SSL/TLS. >' -lost connection after STARTTLS from
Replies
1
Views
924
scsa20
scsa20
Erwin Fiten
Question Spam sent from my server by other hosts ???
Replies
4
Views
641
Bitpalast
Bitpalast
Back
Top