Amavisd duplicate PID connections in logs

From: Vernon A. Fort (vfortprovident-solutions.com)
Date: Mon Nov 06 2006 - 10:52:52 CST


Using postfix-2.2.10 and amavisd-new-2.4.1. Amavisd is sending the
alert as well as quarantining the original message. What I'm seeing is
when the message is rejected for SPAM, the connections from the
localhost have the SAME PID (process ID number) for both the alert and
the message to be quarantined (example below).

main.cf: content_filter = smtp-amavis:localhost:amavis

master.cf:
smtp-amavis unix - - n - 8 smtp
        -o smtp_send_xforward_command=yes
        -o receive_override_options=no_address_mappings
        -o smtp_data_done_timeout=1200
        -o disable_dns_lookups=yes

Is this normal or have I misconfigured something?

Vernon Fort

#Rejected message....
Nov 6 10:20:04 provone postfix/smtpd[14123]: connect from unknown[88.229.172.117]
Nov 6 10:20:06 provone postfix/smtpd[14123]: 1A1367228E0: client=unknown[88.229.172.117]
Nov 6 10:20:06 provone postfix/cleanup[14124]: 1A1367228E0: message-id=<000b01c701bf$6c197ee0$0300000awinxp>
Nov 6 10:20:08 provone postfix/qmgr[13879]: 1A1367228E0: from=<modestfuturekedbox.tribuneindia.com>, size=20899, nrcpt=1 (queue active)
Nov 6 10:20:08 provone postfix/smtpd[14123]: disconnect from unknown[88.229.172.117]
Nov 6 10:20:15 provone postfix/smtp[14128]: 1A1367228E0: to=<jmnprovident-solutions.com>, relay=localhost[127.0.0.1], delay=10,status=sent (250 2.7.1 Ok, discarded, id=13929-07 - SPAM)
Nov 6 10:20:15 provone postfix/qmgr[13879]: 1A1367228E0: removed

# The Quarantined message: notice the "postfix/smtpd[14132]"
Nov 6 10:20:14 provone postfix/smtpd[14132]: connect from localhost[127.0.0.1]
Nov 6 10:20:14 provone postfix/smtpd[14132]: E106B7228E1: client=localhost[127.0.0.1]
Nov 6 10:20:14 provone postfix/cleanup[14164]: E106B7228E1: message-id=<000b01c701bf$6c197ee0$0300000awinxp>
Nov 6 10:20:14 provone postfix/qmgr[13879]: E106B7228E1: from=<sysadminprovident-solutions.com>, size=21640, nrcpt=1 (queue active)
Nov 6 10:20:14 provone postfix/smtpd[14132]: disconnect from localhost[127.0.0.1]
Nov 6 10:20:15 provone postfix/lmtp[14134]: E106B7228E1: to=<sysadminprovident-solutions.com>, relay=public/lmtp[public/lmtp],delay=1, status=sent (250 2.1.5 Ok)
Nov 6 10:20:15 provone postfix/qmgr[13879]: E106B7228E1: removed

# The alert message with the same "postfix/smtpd[14132]" process ID - why does this use the same PID number?
Nov 6 10:20:15 provone postfix/smtpd[14132]: connect from localhost[127.0.0.1]
Nov 6 10:20:15 provone postfix/smtpd[14132]: 050817228E2: client=localhost[127.0.0.1]
Nov 6 10:20:15 provone postfix/cleanup[14124]: 050817228E2: message-id=<SAqbn8nhp8WaJHprovone.provsol.net>
Nov 6 10:20:15 provone postfix/qmgr[13879]: 050817228E2: from=<spamalertprovident-solutions.com>, size=5375, nrcpt=1 (queue active)
Nov 6 10:20:15 provone postfix/lmtp[14182]: 050817228E2: to=<sysadminprovident-solutions.com>,orig_to=<spamalertprovident-solutions.com>, relay=public/lmtp[public/lmtp],delay=0, status=sent (250 2.1.5 Ok)
Nov 6 10:20:15 provone postfix/smtpd[14132]: disconnect from localhost[127.0.0.1]
Nov 6 10:20:15 provone postfix/qmgr[13879]: 050817228E2: removed
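
Added example (not part of the original post): Postfix's master daemon keeps an smtpd process alive to serve several connections one after another, so the bracketed PID identifies a process, while the queue ID is what ties log lines to one message. The sketch below takes the smtpd lines from the logs above (mail-wrapped lines rejoined), groups connect/disconnect spans per PID, and lists the queue IDs each span handled; the function names are illustrative.

```python
import re
from collections import defaultdict

# smtpd lines copied from the logs in the post above, with the mail client's
# line wraps rejoined so each syslog record is on one line.
SAMPLE_LOG = """\
Nov 6 10:20:04 provone postfix/smtpd[14123]: connect from unknown[88.229.172.117]
Nov 6 10:20:06 provone postfix/smtpd[14123]: 1A1367228E0: client=unknown[88.229.172.117]
Nov 6 10:20:08 provone postfix/smtpd[14123]: disconnect from unknown[88.229.172.117]
Nov 6 10:20:14 provone postfix/smtpd[14132]: connect from localhost[127.0.0.1]
Nov 6 10:20:14 provone postfix/smtpd[14132]: E106B7228E1: client=localhost[127.0.0.1]
Nov 6 10:20:14 provone postfix/smtpd[14132]: disconnect from localhost[127.0.0.1]
Nov 6 10:20:15 provone postfix/smtpd[14132]: connect from localhost[127.0.0.1]
Nov 6 10:20:15 provone postfix/smtpd[14132]: 050817228E2: client=localhost[127.0.0.1]
Nov 6 10:20:15 provone postfix/smtpd[14132]: disconnect from localhost[127.0.0.1]
"""

LINE = re.compile(r"^(\w{3}\s+\d+ [\d:]+) \S+ postfix/smtpd\[(\d+)\]: (.*)$")
QUEUE_ID = re.compile(r"^([0-9A-F]{6,}): client=")

def smtpd_sessions(log_text):
    """Return {pid: [session, ...]}; a session is one connect..disconnect span."""
    sessions, open_session = defaultdict(list), {}
    for raw in log_text.splitlines():
        m = LINE.match(raw)
        if not m:
            continue  # not an smtpd record
        stamp, pid, msg = m.groups()
        if msg.startswith("connect from "):
            open_session[pid] = {"client": msg[len("connect from "):],
                                 "start": stamp, "queue_ids": []}
        elif pid in open_session and QUEUE_ID.match(msg):
            open_session[pid]["queue_ids"].append(QUEUE_ID.match(msg).group(1))
        elif pid in open_session and msg.startswith("disconnect from "):
            done = open_session.pop(pid)
            done["end"] = stamp
            sessions[pid].append(done)
    return dict(sessions)

def reused_pids(sessions):
    """PIDs that served more than one complete connection, with the count."""
    return {pid: len(spans) for pid, spans in sessions.items() if len(spans) > 1}

if __name__ == "__main__":
    for pid, spans in smtpd_sessions(SAMPLE_LOG).items():
        for s in spans:
            print(pid, s["start"], s["end"], s["client"], s["queue_ids"])
```

On these lines, PID 14132 shows two back-to-back sessions from localhost, each carrying its own queue ID, and the first ends before the second begins.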