Install and use maybe-recordio script
Maybe-recordio is a little script written by John M. Simpson which makes it possible for an SMTP service to selectively enable recordio for certain IPs, so you can see what they are doing without filling up your log files with a lot of extra stuff you don't need to see from other addresses.
With this script, you can debug SMTP session coming from a determined IP
Additionnal information can be found on http://qmail.jms1.net/scripts/#maybe-recordio
Install it
cd /downloads/scripts
wget http://qmail.jms1.net/scripts/maybe-recordio
cp /downloads/scripts/maybe-recordio /usr/local/bin/
chmod 755 /usr/local/bin/maybe-recordio
wget http://qmail.jms1.net/scripts/maybe-recordio
cp /downloads/scripts/maybe-recordio /usr/local/bin/
chmod 755 /usr/local/bin/maybe-recordio
Activate it by modifying the file /service/qmail-smtpd/run (and/or /service/qmail-smtpdssl/run for SMTP SSL) by un-commenting RECORDIO
# djb's "recordio" can be used to log the raw SMTP conversations. # http://qmail.jms1.net/scripts/#maybe-recordio is a script which allows you # to log only certain conversations (for debugging issues with specific # clients, without killing your log files.)RECORDIO="recordio"
Restart the service
qmailctl restart
Restarting qmail: * Stopping qmail-smtpdssl. * Stopping qmail-smtpd. * Sending qmail-send SIGTERM and restarting. * Restarting qmail-smtpd. * Restarting qmail-smtpdssl.
Add the IP you want to monitor into the file /etc/tcp.smtp
xx.xx.xx.xx:allow,USE_RECORDIO="1" (where xx.xx.xx.xx is the IP you want to monitor)
qmailctl cdb
Analyze your logs in the file /var/log/qmail/qmail-smtpd/current (you can see the detailed SMTP session coming from the IP you want to monitor)
Users comments
If uncomment the line RECORDIO="recordio" isn't necessary put USE_RECORDIO="1" in the file /etc/tcp.smtp. All the mails have the same information, regardless of where they come.
Why?
Thanks