LINUX.IE, website of the Irish Linux Users' Group
Tux rules!

   
Home
New Users
Articles
Download
Projects
Community
Vendors

  Print Version
Email to...
 
Archives:


planetILUG

Recent News

News Archive


Join the
ILUG
on FaceBook


Join the
ILUG
on LinkedIn


Join the
ILUG SETI
Group



















 
 :: Mailing Lists

[ILUG] Postfix query

[ILUG] Postfix query

Kevin Philp kevin at cybercolloids.net
Fri Mar 26 09:41:07 GMT 2004 

I checked the pppd lod and the longest conenction to the ISP we had yesterday 
was 40 minutes, so we hadn't spent hours sending masses of mail.

looking at the grepped bit of log below there a couple of connections and 
diconnections from 192.168.1.4, all with wonky times and sandwiched between 
other items with the real time, so I am not convinced about the long smtp 
connection. I checked the clocks on 192.168.1.4 and they are fine....any idea 
where the log gets its time from.

Mar 25 17:05:17 server postfix/smtpd[5766]: disconnect from 
localhost[127.0.0.1]
Mar 25 12:05:19 server postfix/smtpd[5757]: connect from 
ws04.cybercolloids.office[192.168.1.4]
Mar 25 12:05:20 server postfix/smtpd[5757]: disconnect from 
ws04.cybercolloids.office[192.168.1.4]
Mar 25 17:05:21 server postfix/smtpd[5766]: connect from localhost[127.0.0.1]
Mar 25 17:05:21 server postfix/smtpd[5766]: disconnect from 
localhost[127.0.0.1]
Mar 25 12:17:42 server postfix/smtpd[6016]: connect from 
ws04.cybercolloids.office[192.168.1.4]
Mar 25 12:17:43 server postfix/smtpd[6016]: disconnect from 
ws04.cybercolloids.office[192.168.1.4]
Mar 25 17:17:45 server postfix/smtpd[6051]: connect from localhost[127.0.0.1]


====================================

On Thursday 25 March 2004, kevin at cybercolloids.net (Kevin Philp) wrote:
>Just noted something looking a bit odd in our Postfix logs. A good chunk of
>the postfix log appears to be logging 3 hours late. All of the (chopped)
>entries below where logged between 16.30 and 16.55 today. I checked the
>hardware and system times and they are synced OK and read correctly.
>
>Any idea whats happening?
>
>Mar 25 16:37:18 server postfix/smtpd[5142]: DD75F59F74:
>Mar 25 11:37:18 server postfix/cleanup[5133]: DD75F59F74:
>Mar 25 11:37:18 server postfix/nqmgr[25242]: DD75F59F74:
>Mar 25 16:37:18 server amavis[3785]: (03785-05) Passed,
>Mar 25 16:37:18 server amavis[3785]: (03785-05) TIMING [total 1682 ms] -
> SMTP Mar 25 16:37:18 server postfix/lmtp[5137]: 2D81159F72:
>Mar 25 16:37:18 server postfix/smtpd[5142]: disconnect from
>Mar 25 16:37:19 server postfix/local[5144]: DD75F59F74:
>Mar 25 11:37:19 server postfix/smtpd[5129]: disconnect from
>Mar 25 11:43:30 server postfix/smtp[5073]: 13AD659F73:
>Mar 25 16:52:13 server postfix[5437]: name_mask: subnet
>Mar 25 16:52:13 server postfix[5437]: mynetworks:
>Mar 25 11:52:23 server postfix/smtpd[5443]: connect from

I have remarked this before in Postfix logs. The only conclusion I ever came
to was that an SMTP connection had lasted for a LONG time though TBH I'd have
expected a connection to timeout before then.

Try finding all records of these odd connections by grepping the logs for the
connection number (e.g. DD75F59F74).




Niall

More information about the ILUG mailing list
Read this without the formatting.
                                                                                                    

  

Hosted by HEAnet


 Maintained by the ILUG website team. The aim of Linux.ie is to support and help commercial and private users of Linux in Ireland. You can display ILUG news in your own webpages, read backend information to find out how. Networking services kindly provided by HEAnet, server kindly donated by Dell. Linux is a trademark of Linus Torvalds, used with permission. No penguins were harmed in the production or maintenance of this highly praised website. Looking for the Indian Linux Users' Group? Try here. If you've read all this and aren't a lawyer: you should be!
RSS Version
Powered by Dell