Log Transactions with -X
Beginning
with V8.2 sendmail, the -X
command-line switch can be used to record all input and output, SMTP
traffic, and other significant transactions. The form of the
-X
(transaction) command-line switch looks like
this:
-X file
Space between the -X
and the
file
is optional. The
file
can be specified as either a full or
a relative pathname. For security the -X
command-line switch always causes sendmail to
give up its privileges unless it was run by
root. If the transaction
file
cannot be opened for writing, the
following error is printed and no logging is done:
cannot open file
Otherwise, the file is opened in append mode, and each line that is written to it looks like this:
pid what detail
The pid
is the process identification
number of the sendmail that added the line. The
what
is one of these three symbols:
-
<<<
This is input. It is either text that is read on the standard input, or parts of an SMTP dialog that were read on a socket connection.
-
>>>
This is output. It is either something that sendmail printed to its standard output, or something that it sent over an SMTP connection.
= = =
This is an event. The only two events that are currently logged are CONNECT for connection to a host and EXEC for execution of a delivery agent.
To illustrate, consider sending a mail message to yourself and to a friend at another site:
%/usr/sbin/sendmail -X /tmp/xfile -oQ`pwd` yourself,friend@remote.host
To: yourself,friend@remote.host
Subject: test
This is a test.
.
These ...
Get Sendmail, 3rd Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.