[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[cobalt-users] Sendmail logs on Raq3

Subject: [cobalt-users] Sendmail logs on Raq3
From: Fabrice Prémel <fabrice@xxxxxxxxxx>
Date: Tue Oct 3 08:41:01 2000
List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>

Hi,

I just noticed the following that might interest others : with the 
defaults' Cobalt scripts, sendmail logs are converted into 
pseudo-httpd logs. The purpose is to be able to use standard httpd 
logs analyser on it. Fine. What's wrong is that in the process, only 
successful mails are converted. Others are silently discarded. Which 
means that say, you wanna look at yesterday logs for some strange 
sendmail errors, you're screwed. Sure, you can see that you sent a 
mail at 3.00, but you can't any more see that Joe has repeatly tried 
to abuse your sendmail.

Do I have to say that for *security*, error logs are at least as 
important as successful logs ?

Seems to me that every Cobalt's script needs to be looked at, cause I 
just keep seeing mistakes in them.

I would strongly suggests to security aware admins to change some of 
logrotate's default behaviour.

Hope that helps,

Fabrice Prémel.

Prev by Date: RE: [cobalt-users] Subdomains?
Next by Date: Re: [cobalt-users] Subdomains?
Previous by thread: Re: [cobalt-users] Quick Webalizer Question
Next by thread: [cobalt-users] MS Linux...

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index