with V8.2 sendmail, the
command-line switch can be used to record all input and output, SMTP
traffic, and other significant transactions. The form of the
-X (transaction) command-line switch looks like
Space between the
-X and the
file is optional. The
file can be specified as either a full or
a relative pathname. For security the
command-line switch always causes sendmail to
give up its privileges unless it was run by
root. If the transaction
file cannot be opened for writing, the
following error is printed and no logging is done:
Otherwise, the file is opened in append mode, and each line that is written to it looks like this:
pid what detail
pid is the process identification
number of the sendmail that added the line. The
what is one of these three symbols:
This is input. It is either text that is read on the standard input, or parts of an SMTP dialog that were read on a socket connection.
This is output. It is either something that sendmail printed to its standard output, or something that it sent over an SMTP connection.
= = =
This is an event. The only two events that are currently logged are CONNECT for connection to a host and EXEC for execution of a delivery agent.
To illustrate, consider sending a mail message to yourself and to a friend at another site:
/usr/sbin/sendmail -X /tmp/xfile -oQ`pwd` yourself,email@example.com
This is a test.