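I'm running Debian 8.5 with Postfix 2.11.3-1, and I'm trying to log the whole SMTP session, including DATA, to mail.log.
It is possible to see parts of the data by increasing the verbosity by adding -vvv to smtpd in master.cf (see the whole file below), but I can't get the full data; only the first 10 characters are being logged.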
mail.log
--- snip ---
Sep 18 18:22:03 vagrant postfix/smtpd[9220]: rec_put: type T len 17 data 1474215723
Sep 18 18:22:03 vagrant postfix/smtpd[9220]: rec_put: type A len 18 data log_ident=
Sep 18 18:22:03 vagrant postfix/smtpd[9220]: rec_put: type A len 21 data rewrite_co
Sep 18 18:22:03 vagrant postfix/smtpd[9220]: rec_put: type S len 23 data foo@exampl
Sep 18 18:22:03 vagrant postfix/smtpd[9220]: rec_put: type A len 25 data log_client
--- snip ---
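Also, with the increased verbosity Postfix is logging a great deal. Is there a better way than raising the verbosity?
As far as I have found out, logging only the SMTP session is really only possible with tcpdump or Wireshark. Am I seeing this correctly?
Example of an SMTP session that I would like to log: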
telnet www.sample.com 25
Server Response: 220 www.sample.com ESMTP Postfix
Client Sending : HELO domain.com
Server Response: 250 Hello domain.com
Client Sending : MAIL FROM: <[email protected]>
Server Response: 250 Ok
Client Sending : RCPT TO: <[email protected]>
Server Response: 250 Ok
Client Sending : DATA
Server Response: 354 End data with <CR><LF>.<CR><LF>
Client Sending : Subject: Example Message
Client Sending : From: [email protected]
Client Sending : To: [email protected]
Client Sending :
Client Sending : Yo,
Client Sending :
Client Sending : Sending a test message.
Client Sending :
Client Sending : Later,
Client Sending : Carl
Client Sending : .
Server Response: 250 Ok: queued as 45334
Client Sending : QUIT
Server Response: 221 Bye
master.cf
smtp      inet  n       -       -       -       -       smtpd -vvv
pickup    unix  n       -       -       60      1       pickup
cleanup   unix  n       -       -       -       0       cleanup
qmgr      unix  n       -       n       300     1       qmgr
tlsmgr    unix  -       -       -       1000?   1       tlsmgr
rewrite   unix  -       -       -       -       -       trivial-rewrite
bounce    unix  -       -       -       -       0       bounce
defer     unix  -       -       -       -       0       bounce
trace     unix  -       -       -       -       0       bounce
verify    unix  -       -       -       -       1       verify
flush     unix  n       -       -       1000?   0       flush
proxymap  unix  -       -       n       -       -       proxymap
proxywrite unix -       -       n       -       1       proxymap
smtp      unix  -       -       -       -       -       smtp
relay     unix  -       -       -       -       -       smtp
showq     unix  n       -       -       -       -       showq
error     unix  -       -       -       -       -       error
retry     unix  -       -       -       -       -       error
discard   unix  -       -       -       -       -       discard
local     unix  -       n       n       -       -       local
virtual   unix  -       n       n       -       -       virtual
lmtp      unix  -       -       -       -       -       lmtp
anvil     unix  -       -       -       -       1       anvil
scache    unix  -       -       -       -       1       scache
maildrop  unix  -       n       n       -       -       pipe
  flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}
uucp      unix  -       n       n       -       -       pipe
  flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
ifmail    unix  -       n       n       -       -       pipe
  flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp     unix  -       n       n       -       -       pipe
  flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
scalemail-backend unix - n      n       -       2       pipe
  flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}
mailman   unix  -       n       n       -       -       pipe
  flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py ${nexthop} ${user}
main.cf
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
biff = no
append_dot_mydomain = no
readme_directory = no
smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
smtpd_use_tls=yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
myhostname = localhost.at.dev
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = localhost.at.dev
mydestination = localhost.at.dev, localhost
relayhost =
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
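Logging at this level while still having a usable log is really difficult. I have only seen it in clients that were set to debugging level. You may be able to do logging for each message that is useful.
Is there a reason you need logs at this level? You should be able to create a shadow copy of the messages, but that would exclude the commands used.
In exim4 it is relatively easy to get the commands, but I don't believe it is easy to get the responses. The data is another matter, but you should be able to capture the spool file that contains the data. I believe it is more difficult to get the commands in Postfix because of the way it is structured.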
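Added example, not part of the original question or answer: one way to turn a packet capture of port 25 (the tcpdump/Wireshark route mentioned in the question) into a transcript in the question's "Client Sending / Server Response" format. It assumes the payload chunks of one TCP stream have already been extracted in capture order; the function name `render_transcript`, the chunk format and the sample session are constructed for illustration.

```python
"""Render the payload chunks of one captured SMTP stream as a transcript."""

LABELS = {"C": "Client Sending :", "S": "Server Response:"}

def render_transcript(chunks):
    """chunks: iterable of (direction, bytes), 'C' = client, 'S' = server."""
    buffers = {"C": b"", "S": b""}
    out = []
    in_data = False        # True between the 354 reply and the lone "." line
    tls_requested = False  # True while the client's last command is STARTTLS
    for direction, payload in chunks:
        buffers[direction] += payload
        # TCP segments ignore line boundaries: emit only complete CRLF lines.
        while b"\r\n" in buffers[direction]:
            raw, buffers[direction] = buffers[direction].split(b"\r\n", 1)
            line = raw.decode("utf-8", errors="replace")
            if direction == "C" and in_data:
                if line == ".":
                    in_data = False          # end of message body
                elif line.startswith("."):
                    line = line[1:]          # undo SMTP dot-stuffing
            elif direction == "C":
                tls_requested = line.upper() == "STARTTLS"
            elif line.startswith("354"):
                in_data = True               # server accepted DATA
            out.append(f"{LABELS[direction]} {line}")
            if direction == "S" and tls_requested and line.startswith("220"):
                # After this reply the stream is a TLS handshake, not SMTP text.
                out.append("(STARTTLS accepted: the rest of the capture is encrypted)")
                return out
    return out

# Constructed sample session; one body line is split across two segments.
SAMPLE = [
    ("S", b"220 www.sample.com ESMTP Postfix\r\n"),
    ("C", b"HELO domain.com\r\n"),
    ("S", b"250 Hello domain.com\r\n"),
    ("C", b"MAIL FROM: <sender@example.org>\r\n"),
    ("S", b"250 Ok\r\n"),
    ("C", b"RCPT TO: <rcpt@example.org>\r\n"),
    ("S", b"250 Ok\r\n"),
    ("C", b"DATA\r\n"),
    ("S", b"354 End data with <CR><LF>.<CR><LF>\r\n"),
    ("C", b"Subject: Example Mes"),
    ("C", b"sage\r\n\r\n..hidden\r\n.\r\n"),
    ("S", b"250 Ok: queued as 45334\r\n"),
    ("C", b"QUIT\r\n"),
    ("S", b"221 Bye\r\n"),
]

if __name__ == "__main__":
    print("\n".join(render_transcript(SAMPLE)))
```

Because the main.cf above sets smtpd_use_tls=yes, a client that issues STARTTLS leaves only ciphertext in the capture, which is why the renderer stops at that point.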