I have been using Postfix since 2006 with no problems ever. Simple & rock solid; however, I was wondering what you guys use for monitoring all your email traffic and logs? Is there an application or utility you guys suggest using as a mail administrator to easily scan / view logs in an organized and clean view?
I wanted to know whether there is any way to monitor (I mean log) all of the activity of the users that log in to a server (as root), for example:
1. when they log in
2. what commands they use at what time (I know that the history command does somewhat the same, but it does not save all of the activity of users exactly with the time of that activity)
3. which one of them installed which package on the server
4. what they copied or moved at what time, and a summary of all the activity that each of them does on the server individually.
I have had Postfix installed for a while now. It seems as though my server is sending out spam to other people, which is really bad... I got emails like this one:
Code: Delivered-To: email@provider.com Received: by 10.223.107.17 with SMTP id z17cs2705fao;
I would like to monitor a RedHat server via SNMP. I would like to make data available via SNMP. The data that I would like to graph are only present in log files. Is it possible to parse data from application logs and have them available for my Cacti server via SNMP? I already monitor CPU, mem, and others with Cacti using the standard MIB. What would be the logical steps I would need to achieve that?
I have set up a Postfix mail server and it seems to be working OK; we are only using this to relay mail to our forum users. It's not being used to receive any email, only to send them out to the internet.
What is the difference between the mail.log and mail.info files? Can I turn one or both off? I see a lot of messages like...
Just wondering what this string of log entries means? Also I am getting duplicates in the syslog file as well.
I need software that monitors the total internet data-transfer since I use a limited data-transfer scheme. The USB modem that I have has software, but that works only with Windows. In spite of installing Wine, it doesn't monitor the data-transfer.
I need something to monitor and record the activity of the top 5 processes in terms of CPU usage and load average during a specific timespan. I'm having some spikes in the morning and just realized it's not always at the same time, so it's hard to get up and watch the processes with top. I need something that records CPU usage and load average of the processes from 4AM to 9AM (for instance) so I can debug the process that is consuming my CPU and spitting +80 e-mails with monit each day.
I need to have the ability as network administrator to see what everyone connected to our internet is doing, the sites they're visiting and emails being sent.
I'm interested in altering the activity-monitor/pointer on my distro or at least finding out more about it. Is it part of Gnome or KDE or is it elsewhere?
Fedora 13 is currently my Linux distro of choice but I find the Pointer/Activity-monitor annoying. Usually it has two states, the solitary round thing or the pointer. Every now and again they are combined into the Ubuntu combination symbol of the two joined into one image. Is there a way to change this image/moving-icon? I like Mandriva's the best and would prefer it worked on all Browser windows so that new Firefox versions did not disable it. Thanks in advance!
The term I needed to find additional info was (Mouse Themes). The (Wait Cursor) is usually included with this. Download the theme you want and go to System> Preferences> Appearance> Customize> Pointers to change to one that is already installed. To install themes, System> Preferences> Appearances> Install. Apparently more than one theme can be used on a distro, so the Browsers will use their own while Nautilus will use another. Fedora's default one does not function properly. It will not change to the pointer if a web page is still loading if you need to select something. I learned that Mandriva uses the (Bluecurve) variation for default, which is like Ubuntu's where it does not have to change between two different images and hence does not lose functionality.
I view my /var/log/maillog and see tons of lines like this code...
I think those are some kind of SMTP attacks from this host, but I tried to block it with iptables and it seems to piss them off and they keep coming...!
Please, some kind of Postfix configuration solution?
I tried to do a scheduled software update several times today (8/20/11) and nothing seems to download, though I do get the "Downloading" PackageKit dialog message (the System Monitor shows practically no network activity). In between tries I downloaded some 600 MB .iso files (about 10 minutes each) so I know my internet is working properly. That leaves either PackageKit got hosed in my last update, or servers are down.
Can someone with good experience of monitoring Windows event logs with nrpe or check_nt + nsclient++ give me some good examples of the above? I do have this working, but some of the checks appear inconsistent.
Is there any HOWTO for configuring Webmin Postfix server with multiple Postfix virtual hosts? Seems to be a tough challenge to set it up without any easy manual.
So I set out to change the default SMTP port the server uses because my ISP blocks port 25 and I need the email to work in Outlook. This morning I could receive email, but not send it. So I did some research and thought that I needed to edit the master.cf file in /etc/postfix/ by commenting out this line: smtp inet n - n - - smtpd -o and replace it with 587 inet n - n - - smtpd (587 being the port I want to use). Somewhere along the lines the Postfix server stopped running and now I cannot get it to start. If I try using SSH it crashes immediately, and if I restart it in simple control panel nothing happens.
I recently moved over user from an old box running Postfix (v 2.0.16) over to RHEL 6 running Postfix (v mail_version = 2.6.6). I've tried to make sure all the files have the correct permissions and that the main.cf file is configured correctly. However, there is something wrong, as when I run Postfix: service postfix server I get no error, but when checking the status: service postfix status I get: master dead but pid file exists. Looking into /var/log/mailog I find this line being the issue:
make install then I got this error: postfix: fatal: chdir(/usr/libexec/postfix): No such file or directory make: *** [install] Error 1 I don't understand why it's checking the usr/libexec folder for the daemons although I've set the folder to /opt/product/postfix-2.6.5/libexec in the makefile. Here is also the cat of my makedefs.out:
I need to trace/track email activity on my Ubuntu server. Normally I use this command: tail -f /var/log/mail/mail.log, more or less. But the problem I am facing is that it takes a long time to go through the entire log, as my server receives thousands of emails per day. Is there a code that I can use to search for an email in the log? For instance, I need to find perfectpol@mycompany.com in the mail log.
Secondly, if there is an email that is blocking others on the queue, how can it be removed or forced to go to the mailbox, or how to view its contents in order to decide whether to remove it or not?
Had a problem that are said not arrival or that are delivered as late as a day and sometimes 6 hours.
I have RHEL4 running on an IBM X3550 server. When we request IBM support regarding issues with this server, they request IBM DSA logs. The logs are quite extensive and cover almost all server config & can identify hardware issues with drivers...etc. I want to know if there is a way to analyze those logs offline without sending them to IBM support?
I was wondering how I could specify for how long the logs will be kept. Rsyslog doesn't have such an option (at least I didn't find it). Do I have to use logrotate for this, or is there some other option?
How to check mail logs for previous days? What is the command to check the log for yesterday in sendmail 8.14? Fedora OS. I know /var/log/maillog. This gives output for today, but what about yesterday?
I am looking for security-specific event IDs on Linux. There are thousands of event IDs in Microsoft Windows/XP and Vista etc. In a similar way, I am looking for Linux, Unix, Solaris, AIX etc. event IDs. I would like to correlate and implement with ArcSight.
We are forwarding logs (logs from an executed Perl script) to one Red Hat Linux box. We have to get 97 logs for each time the script runs. But we see an inconsistent number of logs coming to the Linux box. Like one time we got 56, another time 3, another time 43, like this. We are sure that 97 logs are being forwarded. Checked the Rsyslog.config file for any filters and couldn't see any filter dropping them. When we run tcpdump, we can see 97 connections, but the logs are not there in the specified location.