Thank you for your help Sahil!
A grep of smtp returns two types of entries. A postfix/smtp and a
postfix/anvil.
When I grep the ID of a sample of each they look like this:
postfix/smtp:
Jul 29 20:14:11 vps postfix/smtp[21650]: A85225A08723:
to=<[EMAIL PROTECTED]>,
relay=gmail-smtp-in.l.google.com[209.85.199.27]:25, delay=1.2,
delays=0.02/0.06/0.09/1, dsn=2.0.0, status=sent (250 2.0.0 OK
1217387662 k2si695106rvb.4)
Jul 29 20:14:17 vps postfix/smtp[21650]: DDC695A087F7:
to=<[EMAIL PROTECTED]>,
relay=gmail-smtp-in.l.google.com[209.85.199.27]:25, delay=1.3,
delays=0.56/0/0.09/0.61, dsn=2.0.0, status=sent (250 2.0.0 OK
1217387667 l31si709029rvb.6)
postfix/anvil:
Jul 29 21:11:31 vps postfix/anvil[17821]: statistics: max connection
rate 1/60s for (smtp:81.12.170.122) at Jul 29 21:04:42
Jul 29 21:11:31 vps postfix/anvil[17821]: statistics: max connection
count 1 for (smtp:81.12.170.122) at Jul 29 21:04:42
Jul 29 21:11:31 vps postfix/anvil[17821]: statistics: max cache size 2
at Jul 29 21:08:09
There are quite a few of the anvil types of entries. Are they just
connection attempts that were denied but not successful?
The postfix/smtp type seem accurate for what should be the results of
what is being sent by my system so is that the correct info to keep an
eye on if I want to make sure my system is not sending anything it
shouldn't?
Thanks :)
Cameron Smith
On Jul 29, 2008, at 9:01 PM, Sahil Tandon wrote:
Velvet Pixel <[EMAIL PROTECTED]> wrote:
How can I tell from looking at my maillog file what emails have been
sent
from my system?
I don't care about local deliveries.
I just want to know what was sent from my server to other servers.
Without any more information about your system, you can start by
grepping for
'smtp' in your logs (excluding smtpd).
--
Sahil Tandon <[EMAIL PROTECTED]>
