Carlos Williams wrote, at 03/11/2009 11:19 AM:
> I just had a ticket come in regards to a user who just last week
> started receiving a crazy amount of spam emails that he has never had
> an issue with. I checked the mail logs (/var/log/mail.log) and was
> unable to find anything. I checked the spam emails the user still had
> on his client and copied the message headers:
>
> Return-Path: <hangza...@yahoo.com.cn>

This will be logged.

> Received: from mail.lkpp.gov.my (unknown [219.93.25.92])

As will this IP.

> Now I am wondering why I am unable to find any of these messages in my logs:
>
> mail:~# cat /var/log/mail.log | grep -i 203.217.121.52
> mail:~# cat /var/log/mail.log | grep -i 3B3311FA41E0
> mail:~# cat /var/log/mail.log | grep -i guypatricelumu...@congo.gov
>
> Am I searching for this incorrectly or in the wrong directory? Thanks
> for any help!

Debian logs email funny. Try this, and work from there:

    egrep '(hangza...@yahoo.com.cn|219.93.25.92)' /var/log/mail*

If that turns up nothing, you may need to look at /etc/syslog.conf (or
whatever Debian uses) to see how syslog is configured to log mail.
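
Added example, not part of the original reply: a search over /var/log/mail* that also reads gzip-compressed rotations (plain grep does not decompress them) and matches header values as fixed strings, so "." and "[" are literal. The function names, the Postfix-style `unknown[IP]` log format and the sample lines are assumptions constructed for illustration.

```shell
#!/bin/sh
# search_mail_logs DIR TERM...
# Search DIR/mail* (current, rotated and gzip-compressed logs) for any TERM.
# Terms are fixed strings, so '[192.0.2.25]' cannot match 192.0.2.250.
search_mail_logs() {
    [ $# -ge 2 ] || return 2
    dir=$1; shift
    terms=$(mktemp) || return 1
    printf '%s\n' "$@" > "$terms"
    for f in "$dir"/mail*; do
        [ -f "$f" ] || continue
        case $f in
            *.gz) gzip -cd -- "$f" ;;   # compressed rotation
            *)    cat -- "$f" ;;
        esac | grep -F -f "$terms" | awk -v name="${f##*/}" '{ print name ": " $0 }'
    done
    rm -f "$terms"
}

# make_sample_logs DIR: write constructed, Postfix-style sample lines
# (documentation addresses only) into DIR for a dry run.
make_sample_logs() {
    cat > "$1/mail.log" <<'EOF'
Mar 11 10:02:11 mail postfix/smtpd[2101]: connect from unknown[192.0.2.250]
Mar 11 10:02:12 mail postfix/qmgr[900]: 1A2B3C4D5E: from=<alice@example.org>, size=2048, nrcpt=1
EOF
    cat > "$1/mail.log.2" <<'EOF'
Mar  3 04:15:40 mail postfix/smtpd[1877]: connect from unknown[192.0.2.25]
Mar  3 04:15:41 mail postfix/qmgr[900]: 9F8E7D6C5B: from=<spammer@example.com>, size=5120, nrcpt=1
EOF
    gzip -f "$1/mail.log.2"
}

# Dry run on the constructed logs when the script is invoked with "demo".
if [ "${1:-}" = demo ]; then
    d=$(mktemp -d) && make_sample_logs "$d"
    search_mail_logs "$d" '[192.0.2.25]' 'spammer@example.com'
    rm -rf "$d"
fi
```

On a real host the call would be `search_mail_logs /var/log` followed by the envelope sender and the bracketed client IP copied from the headers.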