Velvet Pixel wrote:
>
> A grep of smtp returns two types of entries. A postfix/smtp and a
> postfix/anvil.
>
> When I grep the ID of a sample of each they look like this:
>
> postfix/smtp:
> Jul 29 20:14:11 vps postfix/smtp[21650]: A85225A08723:
> to=<[EMAIL PROTECTED]>,
> relay=gmail-smtp-in.l.google.com[209.85.199.27]:25, delay=1.2,
> delays=0.02/0.06/0.09/1, dsn=2.0.0, status=sent (250 2.0.0 OK 1217387662
> k2si695106rvb.4)
You are seeing:
- message queue id
- the recipient (to),
- relay (in this case, remote MTA),
- time delay(s),
- delivery status notification (2.0.0 = successful delivery,
4xx = tmp reject, 5xx = perm reject)
- status of message (sent, bounced, deferred)
- remote mta's reply (250 ...)
>
> postfix/anvil:
> Jul 29 21:11:31 vps postfix/anvil[17821]: statistics: max connection
> rate 1/60s for (smtp:81.12.170.122) at Jul 29 21:04:42
> Jul 29 21:11:31 vps postfix/anvil[17821]: statistics: max connection
> count 1 for (smtp:81.12.170.122) at Jul 29 21:04:42
> Jul 29 21:11:31 vps postfix/anvil[17821]: statistics: max cache size 2
> at Jul 29 21:08:09
>
These are anvil's stats. Anvil is used for rate control. See man anvil.
> There are quite a few of the anvil types of entries. Are they just
> connection attempts that were denied but not successful?
No, not denied. You're seeing the max rate of connections, and count of
connections, and the client that hit the max rate shown. Eg: client
81.12.170.122 connected at most 1 per 60 seconds, and connected at most
1 time simultaneously.
>
> The postfix/smtp type seem accurate for what should be the results of
> what is being sent by my system so is that the correct info to keep an
> eye on if I want to make sure my system is not sending anything it
> shouldn't?
>
> Thanks :)
> Cameron Smith
>
