Joseph Lundgren wrote:
I have to agree. The logging in QMail plain sucks. It's almost made me switch to Postfix a few times. Unfortunately, I don't see any way of correlating the messages without modifying the patches, since there is no common discrimination between the logs. What a message is called (handle) in one log is something completely different in another log. If someone modified the various patches (a new patch, I think) to keep something common between the messages (even just a number that starts at 1 and increments) and found some way for the next daemon to keep track of this number and splice it into the logs I think we'd have something really good here. Otherwise you're at what I sent to Quinn a while back:All,Splunk is Very Neat. But, it's no good at deciphering qmail's logs (or at least, I never had any luck writing a custom search to provide the information that I need to see.) Also, for the quantity of email logs that I generate per day (>500MB), Splunk becomes non-free. Qmail's logging is, in my mind, the #1 reason that some administrators hate qmail. After coming from a postfix or sendmail world, it's damn near impossible to determine the exact disposition of a particular email. Admit it... Reading the /var/log/qmail/{smtp,send}/current file is a dark art.
cat * | grep [EMAIL PROTECTED] | tai64nlocalbetween the logs to find messages that come in at roughly the same times. I know this has given me problems in the past when multiple messages come in for the same recipient at the same time (high volume machine, LWQ based, not even Toaster). Not a solution, but my 2 cents.
smime.p7s
Description: S/MIME Cryptographic Signature
