Previous Table of Contents Next


The System Log

The mail services log most errors using the syslogd program. The default is for syslogd to send messages to a system identified as the loghost.

Just as you define a system called mailhost to handle mail relaying, you can define a system called loghost in the /etc/hosts file to hold all logs for an entire NIS domain. The system log is supported by the syslogd program. You can specify a loghost in the Hosts database. If no loghost is specified, then error messages from syslogd are not reported.

This is the default /etc/syslog.conf file:

#ident  "@(#)syslog.conf     1.4   96/10/11 SMI"   /* SunOS 5.0 */
#
# Copyright (c) 1991-1993, by Sun Microsystems, Inc.
#
# syslog configuration file.
#
# This file is processed by m4 so be careful to quote (`') names
# that match m4 reserved words.  Also, within ifdef's, arguments
# containing commas must be quoted.
#
*.err;kern.notice;auth.notice                   /dev/console
*.err;kern.debug;daemon.notice;mail.crit        /var/adm/messages

*.alert;kern.err;daemon.err                     operator
*.alert                                         root

*.emerg                                         *

# if a non-loghost machine chooses to have authentication messages
# sent to the loghost machine, un-comment out the following line:
#auth.notice                    ifdef(`LOGHOST', /var/log/authlog,
                                @loghost)

mail.debug                      ifdef(`LOGHOST', /var/log/syslog, @loghost)

#
# non-loghost machines will use the following lines to cause "user"
# log messages to be logged locally.
#
ifdef(`LOGHOST', ,
user.err                                        /dev/console
user.err                                        /var/adm/messages
user.alert                                      `root, operator'
user.emerg                                      *
)
castle%  more /etc/syslog.conf
#ident  "@(#)syslog.conf        1.4     96/10/11 SMI"   /* SunOS 5.0 */
#
# Copyright (c) 1991-1993, by Sun Microsystems, Inc.
#
# syslog configuration file.
#
# This file is processed by m4 so be careful to quote (`') names
# that match m4 reserved words.  Also, within ifdef's, arguments
# containing commas must be quoted.
#
*.err;kern.notice;auth.notice                   /dev/console
*.err;kern.debug;daemon.notice;mail.crit        /var/adm/messages

*.alert;kern.err;daemon.err                     operator
*.alert                                         root

*.emerg                                         *

# if a non-loghost machine chooses to have authentication messages
# sent to the loghost machine, un-comment out the following line:
#auth.notice                    ifdef(`LOGHOST', /var/log/authlog,
                                @loghost)

mail.debug                      ifdef(`LOGHOST', /var/log/syslog, @loghost)

#
# non-loghost machines will use the following lines to cause "user"
# log messages to be logged locally.
#
ifdef(`LOGHOST', ,
user.err                                        /dev/console
user.err                                        /var/adm/messages
user.alert                                      `root, operator'
user.emerg                                      *
)

You can change the default configuration by editing the /etc/syslog.conf file.

When the syslogd daemon starts up, it creates the file /etc/syslog.pid, which contains its process ID number. This is an example of a syslog.pid file:

oak%  more /etc/syslog.pid
166
oak%

This is an example of a system log file:

oak% tail /var/log/mailog
Apr  4 09:47:41 oak sendmail[14192]: AA14190: to=<uucp>, delay=00:00:01,
stat=Sent
Apr  4 09:47:50 oak sendmail[14195]: AA14195: message-id=<9304041647
.AA195@oak.Eng.Sun.COM>
Apr  4 09:47:50 oak sendmail[14195]: AA14195: from=<uucp>, size=378,
class=0,
received from ignatz (129.144.52.69)
Apr  4 09:47:51 oak sendmail[14197]: AA14195: to=<uucp>, delay=00:00:01,
stat=Sent
Apr  4 10:44:27 oak sendmail[14280]: AA14280: message-
id=<93040401748.AA06975@castle.Eng.Sun.COM>
Apr  4 10:44:27 oak sendmail[14280]: AA14280: from=<winsor@castle>,
size=892,
class=0, received from zigzag (129.144.1.38)
Apr  4 10:44:27 oak sendmail[14282]:AA14280: to=lautner@oak,
delay=00:00:01,
stat=Sent
Apr  4 10:52:43 oak sendmail[14307]: AA14307: message-
id=<9304041753.AA05638@pigglet.Eng.Sun.COM>
Apr  4 10:52:43 oak sendmail[14307]: AA14307: from=<nixed@pigglet>,
size=918,class=0, received from piglet (129.144.154.7)
Apr  4 10:52:44 oak sendmail[14309]: AA14307: to=lautner@ oak,
delay=00:00:01,
stat=Sent
oak%


NOTE:  Because of the length of each entry, space has been added between entries in this example to improve readability.

Each line in the system log contains a timestamp, the name of the system that generated it, and a message. A large amount of information can be logged by syslog. The log is arranged as a succession of levels. At the lowest level, only unusual occurrences are logged. At the highest level, even the most mundane and uninteresting events are recorded. As a convention, log levels under 10 are considered useful. Log levels higher than 10 are usually used for debugging.

Troubleshooting Your Mail Configuration

The following sections provide some tips and tools that you can use for troubleshooting the mail.

Checking Aliases

To verify aliases and determine whether mail can be delivered to a given recipient, type /usr/lib/sendmail -v -bv recipient and then press Return. The command displays the aliases and identifies the final address as deliverable or not. Here is an example of the output:

% /usr/lib/sendmail -v -bv shamira@raks
shamira... aliased to   mwong
mwong... aliased to              shamira@raks
shamira@raks... deliverable
%


CAUTION! Take extra care to avoid loops and inconsistent databases when both local and domain-wide aliases are used. Be especially careful when you move a user from one system to another to avoid creating alias loops.


Previous Table of Contents Next