> For a single tls/ssl pop check: > > Jul 27 16:51:00.684 2003 [88376] Set server-mode > Jul 27 16:51:00.684 2003 > Jul 27 16:51:00.684 2003 [88376] Set shy to true > Jul 27 16:51:00.684 2003 > Jul 27 16:51:00.684 2003 [51184] Set reverse-lookup to false > Jul 27 16:51:00.684 2003 > Jul 27 16:51:00.684 2003 [88376] (v4.0.5) TLSv1/SSLv3 handshake with client at > 67.3.171.145 (67.3.171.145); new session-id; cipher: DES-CBC3-SH > xxxxxxxxxxxx > Jul 27 16:51:00.684 2003 > Jul 27 16:51:02.794 2003 [88376] Stats: cs 0 0 0 0 67.3.171.145 67.3.171.145 > Jul 27 16:51:02.794 2003 > Jul 27 16:51:02.794 2003 [88376] TLS shutdown Error > Jul 27 16:51:02.794 2003 > _________________ > > Setting a option like servermode in the config file writes a log entry each > time popper is called when using tracefile. This is true of the shy options and > others as well. > "Jul 26 20:27:20.665 2003 [73310] Set reverse-lookup to false" > "Jul 26 20:27:20.665 2003 [73310] Set shy to true" > "Jul 26 20:27:20.665 2003 [73310] Set server-mode to true" > _________________ > > Tracefile generates lots of blank lines with just a date/time. > > __________________________________________________ > > What is needed is a logfile command combined with a loglevel. > Also a good review of how tls/ssl is logged and in fact how every option combo > is logged.
There is actually a pretty easy way to control what is logged and what isn't. The order in your config file is important: Everything listed before the set-tracefile is not logged. Everything listed after the set-tracefile command is. so if set-tracefile is the last thing in your config file, the volume logged is much lower. Still, there are 2 lines for each non-tls pop check (the timestamp of the start of check, and the timestamp of the stop check along with the username, process #, mail stats and IP (which is logged twice if DNS lookups are turned off). As well, TLS/SSL information is also logged, resulting in an additional 2 lines (one for TLS startup, one for TLS shutdown error) in most cases. At least all the "set" items are not logged. Michael Kolos Administrateur de R�seau Network Administrator ColbaNet Inc. NOCC_______________________________ ColbaNet - http://www.colba.net
