In some other mailserver software there are functionalities for searching the logs. This is very handy when tracking down, what has happened to a particular message.
Now with the logs being in different log-files depending on module a trace type of search is nearly impossible without first joining the log files smartly.
Since the start of this community I am now receiving more than a 100 false messages based on honeypot catches. But thanks to running another mailserver than mercury for the web-based outbound I have the possibility to track the returning messages and their cause. Well, since I want to omit having a second mailserver software and only rely on Mercury, the search and examine possibility of the Logs would be appreciated. Below is an example log, showing a honeypot trace to cybernirvana.com.
2007-maj-24 14:12:05 Action: Message Accepted Client: 194.63.129.54 From: ILIJAGunko@CYBERNIRVANA.COM
To: cleanserdeftest@ihpu.se Subject: Kapitalanlage. Size: 894
SMTP ID: M2007052414115929535 Connection ID: 207297
2007-maj-24 14:12:17 Action: Message Delivery Attempt Failed Client: 194.63.129.54 From: ILIJAGunko@CYBERNIRVANA.COM
To: cleanserdeftest@ihpu.se Subject: Kapitalanlage. SMTP ID: M2007052414115929535
Connection ID: 207301 Last Command: RCPT To Last Response: 550 Address '<cleanserdeftest@ihpu.se>' not known here.
2007-maj-24 14:12:17 Action: Message Generated From: Symantec_Mail_Security_for_SMTP@workorder.se To: ILIJAGunko@CYBERNIRVANA.COM
Size: 1839 SMTP ID: M2007052414121729538 Reference SMTP ID: M2007052414115929535
Info: Automatically generated bounce message.
2007-maj-24 14:12:17 Action: Message Bounced Client: 194.63.129.54 From: ILIJAGunko@CYBERNIRVANA.COM
To: cleanserdeftest@ihpu.se Subject: Kapitalanlage. SMTP ID: M2007052414115929535
Info: Mailbox unknown or not accepting mail. Info2: 550 Address '<cleanserdeftest@ihpu.se>' not known here.
2007-maj-24 14:12:17 Action: Message Processing Completed Client: 194.63.129.54 From: ILIJAGunko@CYBERNIRVANA.COM
To: cleanserdeftest@ihpu.se Subject: Kapitalanlage. SMTP ID: M2007052414115929535
2007-maj-24 14:12:26 Action: Message Delivered Server: mail-fwd.g14.rapidsite.net:25 From: Symantec_Mail_Security_for_SMTP@workorder.se
To: ILIJAGunko@CYBERNIRVANA.COM SMTP ID: M2007052414121729538 Connection ID: 207303
Last Response: 250 0-0661568745 Message accepted for delivery
2007-maj-24 14:12:26 Action: Message Processing Completed From: Symantec_Mail_Security_for_SMTP@workorder.se To: ILIJAGunko@CYBERNIRVANA.COM
SMTP ID: M2007052414121729538
7 matching records found.
Mercury's log files are all plain text and can be easily searched using any grep or similar utility. They were specifically designed this way for exactly this reason.
Cheers!
-- David --
This is the one I use frequently, it's under dos though:
c:\>grep
Name: grep - regular expression search through files
Usage: grep [ -vclins? ] <pattern> file1 ...
Version: 3.0 for PCs with DOS 2.1 and higher
(C) Copyright Peter Stephen Heitman 1986 -- All Rights Reserved
Distributed with the PiCnix Package (tm) by Peter Stephen Heitman
Regular expression pattern matching algorithm:
Copyright (c) 1986 by University of Toronto.
Written by Henry Spencer. Not derived from licensed software.
I doubt this little util even know's what "the web" is[:D]
-- Han van den Bogaerde - support@vandenbogaerde.net Member of Pegasus Mail Support Group. My own Pegasus Mail related web information: http://www.vandenbogaerde.net/pegasusmail/
I use a spreadsheet (Excel - but OO works too) to import all my text log files.
Each log file gets its own tab and can refresh as required (manual or at set intervals).
This gives me the ability to have data analysis columns next to the imported log and to filter as I want.
After trying quite a few log viewers etc. (none would do it the way I want) I have found this the fastest way of doing log traces.
It can be handy to see what is happening live in the logs.
For Windows I use BareTail: http://www.baremetalsoft.com/baretail/
And for a windows based GUI Grep BareGrep: http://www.baremetalsoft.com/baregrep/index.php
Your previous draft for topic is pending
If you continue, your previous draft will be discarded.