Logging question
Robert Schetterer
robert at schetterer.org
Thu Mar 29 09:42:01 CEST 2012
Am 29.03.2012 09:25, schrieb Ralf Hildebrandt:
> Mar 29 09:13:20 mail2 amavis[16916]: (16916-16) Passed CLEAN {RelayedOutbound}, LOCAL [141.42.206.36]:37952 [85.179.68.181]
> <absender at charite.de> -> <empfaenger at gmail.com>, Message-ID: <86e7921583186ccc7b08fa356655af14.squirrel at webmail.charite.de>,
> mail_id: hK-6Jq4eATvE, Hits: -2.14, size: 3977, queued_as: 3VJHHN5wKjz1tJd, dkim_new=default:charite.de, 538 ms
>
> [141.42.206.36]:37952 is my mailserver, but what is 85.179.68.181?
>
> Under which circumstance does amavis log 2 IPs in [] and what info is
> being logged there?
>
dig -x 85.179.68.181
; <<>> DiG 9.4.2-P2.1 <<>> -x 85.179.68.181
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 7614
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 3, ADDITIONAL: 3
;; QUESTION SECTION:
;181.68.179.85.in-addr.arpa. IN PTR
;; ANSWER SECTION:
181.68.179.85.in-addr.arpa. 86400 IN PTR e179068181.adsl.alicedsl.de.
looks like some dyn user ip, maybe the sender ip
your right that log looks strange, somthing at parse go fail etc?
--
Best Regards
MfG Robert Schetterer
Germany/Munich/Bavaria
More information about the amavis-users
mailing list