How to get successful delivery reported in miy log?

classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

How to get successful delivery reported in miy log?

Gerben Wierda
Trying to get my postfix logging fully in order.

When a mail is sent to the outside world, my log shows:

Dec 31 01:21:32 mail submission/smtpd[16982]: connect from luna-wifi.rna.nl[192.168.2.89]
Dec 31 01:21:33 mail submission/smtpd[16982]: 06C9C19C940A: client=luna-wifi.rna.nl[192.168.2.89], sasl_method=CRAM-MD5, sasl_username=[snip]
Dec 31 01:21:33 mail postfix/cleanup[16985]: 06C9C19C940A: message-id=<[hidden email]>
Dec 31 01:21:33 mail postfix/qmgr[16777]: 06C9C19C940A: from=<[hidden email]>, size=2615, nrcpt=1 (queue active)
Dec 31 01:21:34 mail postfix/qmgr[16777]: 06C9C19C940A: removed

I don’t see logging that it was successfully handed to another smtp-server. I’ve tried adding -v to the smtpd commands in master.cf but that doesn’t really help.

I can’t use syslog on my system so I’m using postlog.


Reply | Threaded
Open this post in threaded view
|

Re: How to get successful delivery reported in miy log?

Wietse Venema
Gerben Wierda:

> Trying to get my postfix logging fully in order.
>
> When a mail is sent to the outside world, my log shows:
>
> Dec 31 01:21:32 mail submission/smtpd[16982]: connect from luna-wifi.rna.nl[192.168.2.89]
> Dec 31 01:21:33 mail submission/smtpd[16982]: 06C9C19C940A: client=luna-wifi.rna.nl[192.168.2.89], sasl_method=CRAM-MD5, sasl_username=[snip]
> Dec 31 01:21:33 mail postfix/cleanup[16985]: 06C9C19C940A: message-id=<[hidden email]>
> Dec 31 01:21:33 mail postfix/qmgr[16777]: 06C9C19C940A: from=<[hidden email]>, size=2615, nrcpt=1 (queue active)
> Dec 31 01:21:34 mail postfix/qmgr[16777]: 06C9C19C940A: removed
>
> I don?t see logging that it was successfully handed to another smtp-server. I?ve tried adding -v to the smtpd commands in master.cf but that doesn?t really help.

I remember that you reported a bug where a program cant talk to
postlogd if it opens the postlog socked after dropping privileges.

I posted a patch for that, but I never heard back if that worked,
and therefore that patch is not part of Postfix source code.

        Wietse

diff --exclude=man --exclude=html --exclude=README_FILES --exclude=INSTALL --exclude=.indent.pro --exclude=Makefile.in -r -ur /var/tmp/postfix-3.5-20190922/HISTORY ./HISTORY
--- /var/tmp/postfix-3.5-20190922/HISTORY 2019-09-21 11:54:59.000000000 -0400
+++ ./HISTORY 2019-10-12 16:32:04.000000000 -0400
@@ -24411,3 +24411,9 @@
  calls. This allows tlsproxy(8) to reset an I/O timer after
  each event without having to make an nbbio_disable_readwrite()
  call. Files: util/nbbio.c, tlsproxy/tlsproxy.c.
+
+20191007
+
+ Workaround: postlog clients open the socket before entering
+ the chroot jail and before dropping privileges. Files:
+ util/msg_logger.[hc], global/maillog_client.c.
diff --exclude=man --exclude=html --exclude=README_FILES --exclude=INSTALL --exclude=.indent.pro --exclude=Makefile.in -r -ur /var/tmp/postfix-3.5-20190922/src/global/maillog_client.c ./src/global/maillog_client.c
--- /var/tmp/postfix-3.5-20190922/src/global/maillog_client.c 2019-01-30 19:41:59.000000000 -0500
+++ ./src/global/maillog_client.c 2019-10-07 19:14:33.000000000 -0400
@@ -210,7 +210,7 @@
  if (var_maillog_file && *var_maillog_file) {
     ARGV   *good_prefixes = argv_split(var_maillog_file_pfxs,
        CHARS_COMMA_SP);
-    char **cpp;
+    char  **cpp;
 
     for (cpp = good_prefixes->argv; /* see below */ ; cpp++) {
  if (*cpp == 0)
@@ -264,6 +264,8 @@
  }
  if (service_path != import_service_path)
     myfree(service_path);
+ msg_logger_control(CA_MSG_LOGGER_CTL_CONNECT_NOW,
+   CA_MSG_LOGGER_CTL_END);
     }
 
     /*
diff --exclude=man --exclude=html --exclude=README_FILES --exclude=INSTALL --exclude=.indent.pro --exclude=Makefile.in -r -ur /var/tmp/postfix-3.5-20190922/src/util/msg_logger.c ./src/util/msg_logger.c
--- /var/tmp/postfix-3.5-20190922/src/util/msg_logger.c 2019-01-29 17:24:42.000000000 -0500
+++ ./src/util/msg_logger.c 2019-10-12 16:27:46.000000000 -0400
@@ -62,6 +62,10 @@
 /* .IP CA_MSG_LOGGER_CTL_DISABLE
 /* Disable the msg_logger. This remains in effect until the
 /* next msg_logger_init() call.
+/* .IP CA_MSG_LOGGER_CTL_CONNECT_NOW
+/* Close the logging socket if it was already open, and open
+/* the logging socket now, if permitted by current settings.
+/* Otherwise, the open is delayed until a logging request.
 /* SEE ALSO
 /* msg(3)  diagnostics module
 /* BUGS
@@ -111,6 +115,8 @@
 static int msg_logger_fallback_only_override = 0;
 static int msg_logger_enable = 0;
 
+#define MSG_LOGGER_NEED_SOCKET() (msg_logger_fallback_only_override == 0)
+
  /*
   * Other state.
   */
@@ -130,6 +136,26 @@
 #define STR(x) vstring_str(x)
 #define LEN(x) VSTRING_LEN(x)
 
+/* msg_logger_connect - connect to logger service */
+
+static void msg_logger_connect(void)
+{
+    if (msg_logger_sock == MSG_LOGGER_SOCK_NONE) {
+ msg_logger_sock = unix_dgram_connect(msg_logger_unix_path, BLOCKING);
+ if (msg_logger_sock >= 0)
+    close_on_exec(msg_logger_sock, CLOSE_ON_EXEC);
+    }
+}
+
+/* msg_logger_disconnect - disconnect from logger service */
+
+static void msg_logger_disconnect(void)
+{
+    if (msg_logger_sock != MSG_LOGGER_SOCK_NONE) {
+ (void) close(msg_logger_sock);
+ msg_logger_sock = MSG_LOGGER_SOCK_NONE;
+    }
+}
 
 /* msg_logger_print - log info to service or file */
 
@@ -203,12 +229,8 @@
      * will report ENOENT if the endpoint does not exist, ECONNREFUSED if no
      * server has opened the endpoint.
      */
-    if (msg_logger_fallback_only_override == 0
- && msg_logger_sock == MSG_LOGGER_SOCK_NONE) {
- msg_logger_sock = unix_dgram_connect(msg_logger_unix_path, BLOCKING);
- if (msg_logger_sock >= 0)
-    close_on_exec(msg_logger_sock, CLOSE_ON_EXEC);
-    }
+    if (MSG_LOGGER_NEED_SOCKET())
+ msg_logger_connect();
     if (msg_logger_sock != MSG_LOGGER_SOCK_NONE) {
  send(msg_logger_sock, STR(msg_logger_buf), LEN(msg_logger_buf), 0);
     } else if (msg_logger_fallback_fn) {
@@ -286,10 +308,7 @@
  switch (name) {
  case MSG_LOGGER_CTL_FALLBACK_ONLY:
     msg_logger_fallback_only_override = 1;
-    if (msg_logger_sock != MSG_LOGGER_SOCK_NONE) {
- (void) close(msg_logger_sock);
- msg_logger_sock = MSG_LOGGER_SOCK_NONE;
-    }
+    msg_logger_disconnect();
     break;
  case MSG_LOGGER_CTL_FALLBACK_FN:
     msg_logger_fallback_fn = va_arg(ap, MSG_LOGGER_FALLBACK_FN);
@@ -297,6 +316,11 @@
  case MSG_LOGGER_CTL_DISABLE:
     msg_logger_enable = 0;
     break;
+ case MSG_LOGGER_CTL_CONNECT_NOW:
+    msg_logger_disconnect();
+    if (MSG_LOGGER_NEED_SOCKET())
+ msg_logger_connect();
+    break;
  default:
     msg_panic("%s: bad name %d", myname, name);
  }
diff --exclude=man --exclude=html --exclude=README_FILES --exclude=INSTALL --exclude=.indent.pro --exclude=Makefile.in -r -ur /var/tmp/postfix-3.5-20190922/src/util/msg_logger.h ./src/util/msg_logger.h
--- /var/tmp/postfix-3.5-20190922/src/util/msg_logger.h 2019-01-29 17:24:42.000000000 -0500
+++ ./src/util/msg_logger.h 2019-10-07 19:14:33.000000000 -0400
@@ -35,6 +35,7 @@
 #define MSG_LOGGER_CTL_FALLBACK_ONLY 1
 #define MSG_LOGGER_CTL_FALLBACK_FN 2
 #define MSG_LOGGER_CTL_DISABLE 3
+#define MSG_LOGGER_CTL_CONNECT_NOW 4
 
 /* Safer API: type-checked arguments, external use. */
 #define CA_MSG_LOGGER_CTL_END MSG_LOGGER_CTL_END
@@ -43,6 +44,7 @@
  MSG_LOGGER_CTL_FALLBACK_FN, CHECK_VAL(MSG_LOGGER_CTL, \
  MSG_LOGGER_FALLBACK_FN, (v))
 #define CA_MSG_LOGGER_CTL_DISABLE MSG_LOGGER_CTL_DISABLE
+#define CA_MSG_LOGGER_CTL_CONNECT_NOW MSG_LOGGER_CTL_CONNECT_NOW
 
 CHECK_VAL_HELPER_DCL(MSG_LOGGER_CTL, MSG_LOGGER_FALLBACK_FN);
 
Reply | Threaded
Open this post in threaded view
|

Re: How to get successful delivery reported in miy log?

Gerben Wierda


On 31 Dec 2019, at 01:57, Wietse Venema <[hidden email]> wrote:

I remember that you reported a bug where a program cant talk to
postlogd if it opens the postlog socked after dropping privileges.

I posted a patch for that, but I never heard back if that worked,
and therefore that patch is not part of Postfix source code.


I see. I wasn’t aware I was supposed to test. I am using the postfix distribution via macports and have only done light adaptations (of Portfiles), not yet including patching. I am also not maintainer of this port.

I’ll see if I can have a look.

G