Sendmail Operation Guide

The system log

The system log is supported by the syslogd(1M) program. All messages from sendmail(1M) are logged under the LOG_MAIL facility.

Each line in the system log consists of a timestamp, the name of the machine that generated it (for logging from several machines over the local area network), the word sendmail:, and a message.


NOTE: This format may vary slightly if your vendor has changed the syntax.

Most messages are a sequence of name=value pairs.

The two most common lines are logged when a message is processed. The first logs the receipt of a message; there will be exactly one of these per message. Some fields may be omitted if they do not contain interesting information. The fields are:


from
The envelope sender address.

size
The size of the message in bytes.

class
The class (for example, numeric precedence) of the message.

pri
The initial message priority (used for queue sorting).

nrcpts
The number of envelope recipients for this message (after aliasing and forwarding).

msgid
The message ID of the message (from the header).

proto
The protocol used to receive this message (for example, ESMTP or UUCP).

relay
The machine from which it was received.
There is also one line logged per delivery attempt (so there can be several per message if delivery is deferred or there are multiple recipients). The fields are:

to
A comma-separated list of the recipients to this mailer.

ctladdr
The ``controlling user'', that is, the name of the user whose credentials we use for delivery.

delay
The total delay between the time this message was received and the time it was delivered.

xdelay
The amount of time needed in this delivery attempt (normally indicative of the speed of the connection).

mailer
The name of the mailer used to deliver to this recipient.

relay
The name of the host that actually accepted (or rejected) this recipient.

stat
The delivery status.
Not all fields are present in all messages; for example, the relay is not listed for local deliveries.

If you have syslogd(1M) or an equivalent installed, you will be able to do logging. There is a large amount of information that can be logged. The log is arranged as a succession of levels. At the lowest level only extremely strange situations are logged. At the highest level, even the most mundane and uninteresting events are recorded for posterity. As a convention, log levels under ten are considered generally useful; log levels above 64 are reserved for debugging purposes. Levels from 11-64 are reserved for verbose information that some sites might want.

A complete description of the log levels is given in ``Log level''.


© 2000 The Santa Cruz Operation, Inc. All rights reserved.