[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [bug-mailutils] Mail, sends to dead.letter once in a while, to black

From: Sergey Poznyakoff
Subject: Re: [bug-mailutils] Mail, sends to dead.letter once in a while, to black hole mostly
Date: Thu, 04 Jul 2013 23:49:52 +0300

Gene Heskett <address@hidden> ha escrit:

> sendmail was not logging, and when it is, apparently sends this stuff to 
> the rsyslog.

It always is, and it always sends its messages to syslog, which is the
right thing, because:

> Shame on sendmail, it should keep its own logs instead of 
> having to search thru /var/log/messages.

Not at all, it is quite right in doing so. Every program *must* use
syslog for its diagnostics purposes. There's no other way to keep proper
logs on the system. 

> As far as perms, I am the only user on this system.

Yeah, I've already guessed you are. Which does not change the fact that
UNIX historically was, and still is a multi-user system and whatever it
does is directed to keep the privacy of its users unharmed. That's why,
in particular, all mailboxes have 0600 permissions. Trying to relax the
permissions will usually result in MDA refusing to deliver messages to
such a mailbox, which will be considered unsafe.

> So I have added my self to the /etc/group file for those users I need to be 
> able to see without doing a sudo -i.  That did not suffice for this.  Is 
> there a better way?

The only way to read the other user's mail is from the root account,
which by definition can do anything. Root can invoke "mail -f username".

> I did find this in this mornings /var/log/mail.log

These are the bits I was talking about.

> Jul  4 02:02:46 coyote sendmail[16012]: r645K1Np016012: from=amanda, 
> size=711, class=0,
> nrcpts=1, msgid=<address@hidden>, 
> address@hidden

This record tells that the message from user "amanda" was assigned
queue id r645K1Np016012 and was delivered via localhost.

The following record bears a different queue id:

> Jul  4 02:02:46 coyote sm-mta[19315]: r6462kMf019315: 
> from=<address@hidden>, size=985, class=0, nrcpts=1, 
> msgid=<address@hidden>, proto=ESMTP, 
> daemon=MTA-v4, relay=localhost []

It is issued by the mail transfer daemon which took the message over
from the mail submission agent (it is reflected in the msgid, which is
marked with the previous queue id).

Now, the third record:

> Jul  4 02:02:46 coyote sendmail[16012]: r645K1Np016012: to=amanda, 
> ctladdr=amanda (1001/1002), delay=00:42:45, xdelay=00:00:00, mailer=relay, 
> pri=30711, relay=[] [], dsn=2.0.0,
> stat=Sent (r6462kMf019315 Message accepted for delivery)

describes the further fate of that same message.  It informs you that
the message was successfully delivered to the user "amanda" (sic!) 

As a side-note, pay attention to the message issued by the mail delivery
agent itself:

> Jul  4 02:02:46 coyote procmail[19317]: Enforcing stricter permissions on 
> "/var/mail/amanda"

As I said above, it encountered the mailbox permissions to be unsafe
and fixed them.

Now, since the mail submission agent was instructed to deliver the mail
to <address@hidden> (as the verbose output from mail showed),
and the mail delivery agent directed it to the local user "amanda", we
can deduce that your MTA (or MDA() configuration expressly redirects all
mail to (at least) <address@hidden> to that local user.  That
can happen because of the alias record expressly redirecting the mail,
or due to a ".forward" file in your home directory, or due to some other
kind of aliasing enabled in your sendmail configuration.

I can tell the exact reason only by taking a look at your sendmail


reply via email to

[Prev in Thread] Current Thread [Next in Thread]