|
Yes, Imail does function as a syslog. Using for my
nas's.
Mike
----- Original Message -----
Sent: Thursday, November 16, 2000 4:04
PM
Subject: RE: [IMail Forum] SYSLOG Server
- Backdoor/DOS Target?
Oh boy - you did it again
Len.<g> If YOU actually READ those pages (or open
your own
IMail Administrator) you'd have noticed that Imail does in fact
provide a
SYSLOG (logging) service! THAT's the one what I've been
talking
about.
I can't see in the .pdf nor in the KB where
it explicity states that Imail can function as a syslog service to other
machines. It looks like like that's the case, but it's not clear.
This:
Log Server
causes messages to be sent to the Log Server IP
address specified on
the Log Files tab.
... is very clear saying Imail will
send log info to an ip address, but again it's not clear whehter that's remote
ip address or just one on the local machine. I tend to think it's a remote ip
since Imail has plenty of log-to-local-file options.
However, according to the manual
(which I dutifully had already read beforI posted my QUESTION), it only
creates a Spool/LOGmmdd.txt file. So (unless
you use a THIRD party
log server and disable IMail log server): instead of
getting your Imail
logs in a Spool/SYSmmdd.txt.
I was questioning the wisdom of even
offering a log service that does
nothing but essentially "change" the
file name from "SYS..." to "LOG...".
yes, that seems kind of
useless, and that's partly why I think above text from the manual implies
sending log info to a remote ip address.
In fact, I now realize that this log
service can be used to fill my disk
drive.
You mean some
remote machine hosing log info into Imail? yes, like installing Imail as a
default open relay, that would be a dumb default value.
>> This is sending logging
data in RFC format across tcp/ip to a "log
server". It has nothnig to do
with logging to the Imail's local disk. <<
WRONG!
RTFM! The Syslog service that Imail provides does nothing BUT
log
to disk!
The manual is not at all clear. It also
logs to an ip. "where" you enter that ip in the manual is now different
from where it is entered in teh GUI.
See - that's why I asked where THOSE
questions were answered in the manual -
because it mentions the option
but is very quiet about the purpose of this
"log to disk" service and why
I would choose that over logging straight to
disk. I really thing,
the SYSLOG service should be disabled by default.
of course,
no question.
If someone wants to change the Imail
settings to actually USE it, they can
enable it first.
Yes,
safe defaults, always, esp when the kind of people who buy NT mail products
are not experience sys admins or mail admins.
All dangerous
services turned off as installed defaults, requiring explicit turn on.
eg, open relay shoul be "relay for addresses", the ONLY safe
option.
Len
|
