Tweaking Log Entries
in [Postfix]
|
From: "Mark A. Olbert" on 6 May 2010 20:30 I get a lot of the following kinds of log entries: May 6 03:24:46 wiggle_butt postfix/smtpd[20899]: connect from unknown[59.94.131.218] May 6 03:24:48 wiggle_butt postfix/smtpd[20899]: NOQUEUE: reject: RCPT from unknown[59.94.131.218]: 454 4.7.1 Service unavailable;$ May 6 03:24:49 wiggle_butt postfix/smtpd[20899]: lost connection after DATA from unknown[59.94.131.218] May 6 03:24:49 wiggle_butt postfix/smtpd[20899]: disconnect from unknown[59.94.131.218] May 6 03:24:50 wiggle_butt postfix/smtpd[20899]: warning: 121.246.80.192: hostname 121.246.80.192.ahmedabad-static.vsnl.net.in ver$ May 6 03:24:50 wiggle_butt postfix/smtpd[20899]: connect from unknown[121.246.80.192] May 6 03:24:53 wiggle_butt postfix/smtpd[20899]: NOQUEUE: reject: RCPT from unknown[121.246.80.192]: 454 4.7.1 Service unavailable$ May 6 03:24:53 wiggle_butt postfix/smtpd[20899]: lost connection after RCPT from unknown[121.246.80.192] May 6 03:24:53 wiggle_butt postfix/smtpd[20899]: disconnect from unknown[121.246.80.192] My presumption is that these are all spam. I'd like to be able to suppress, or at least reduce, the number of log entries being generated as a result of bouncing this stuff. Is there a way to configure postfix to do that? I know that I'd be losing valuable information if I ever had a legitimate mail delivery problem. But I've never actually run into that. Thanks in advance. - Mark __________ Information from ESET NOD32 Antivirus, version of virus signature database 5092 (20100506) __________ The message was checked by ESET NOD32 Antivirus. http://www.eset.com
From: Wietse Venema on 6 May 2010 21:04 Mark A. Olbert: > I get a lot of the following kinds of log entries: > > May 6 03:24:46 wiggle_butt postfix/smtpd[20899]: connect from unknown[59.94.131.218] > May 6 03:24:48 wiggle_butt postfix/smtpd[20899]: NOQUEUE: reject: RCPT from unknown[59.94.131.218]: 454 4.7.1 Service unavailable;$ > May 6 03:24:49 wiggle_butt postfix/smtpd[20899]: lost connection after DATA from unknown[59.94.131.218] > May 6 03:24:49 wiggle_butt postfix/smtpd[20899]: disconnect from unknown[59.94.131.218] > May 6 03:24:50 wiggle_butt postfix/smtpd[20899]: warning: 121.246.80.192: hostname 121.246.80.192.ahmedabad-static.vsnl.net.in ver$ > May 6 03:24:50 wiggle_butt postfix/smtpd[20899]: connect from unknown[121.246.80.192] > May 6 03:24:53 wiggle_butt postfix/smtpd[20899]: NOQUEUE: reject: RCPT from unknown[121.246.80.192]: 454 4.7.1 Service unavailable$ > May 6 03:24:53 wiggle_butt postfix/smtpd[20899]: lost connection after RCPT from unknown[121.246.80.192] > May 6 03:24:53 wiggle_butt postfix/smtpd[20899]: disconnect from unknown[121.246.80.192] > > My presumption is that these are all spam. > > I'd like to be able to suppress, or at least reduce, the number > of log entries being generated as a result of bouncing this stuff. > Is there a way to configure postfix to do that? Postfix logs information as soon as it becomes available. A switch between "full" and "digested" logging sounds nice but it would double the amount of effort to update and test the code. The cost of disk storage is still dropping. Consider using recent hardware for critical systems, and using regular expressions or other dedicated logfile processing tools. Wietse > I know that I'd be losing valuable information if I ever had a legitimate mail delivery problem. But I've never actually run into that. > > Thanks in advance. > > - Mark > > > __________ Information from ESET NOD32 Antivirus, version of virus signature database 5092 (20100506) __________ > > The message was checked by ESET NOD32 Antivirus. > > http://www.eset.com > > >
|
Pages: 1 Prev: 554 5.7.1 Relay access denied Next: Postfix architecture + Ldap + Courier IMAP |