# Yet another Postfix, Courier-Imap & Getmail question

## Gushy

Ok,  I've got postfix, courier-imap and getmail up and working nicely.  I'm left with two questions though, and searching these forums and googling has yet to get me the answers.

1.  Where is my log file?!  I've seen references to /var/log/mail on this forum but I dont' have one.  I've checked my main.cf over and over again but I can't see a log file setting.  what am I missing?

 FIXED 

2. I've got getmail dropping mail to my .maildir and it works lovely.  Question is, how can I get it to filter and drop mail to specific imap folders?

 ok it was late and I was stupid.  obviously I need procmail to do this. doh! 

----------

## fyerk

Postfix and imap should be logging via the system logger.  Which logger are you using? Metalog? Syslog?

----------

## Gushy

I'm using metalog.   I assume there might be a setting in metalog's config to change.  I'll have a quick look.

Ta.

----------

## barran

I have an mail.log file in /var/log, but maybe that is because i am using sysklogd?

Can you see something in /var/log/syslog?

Try doing an 

```
tail -f -n0 /var/log/*.log /var/log/syslog
```

 and then send a mail to a local user, then perhaps you will see the the mail arriving in one of the log files.

----------

## Gushy

I dont' have a /var/log/syslog  and metalog doesn't appear to have an equivalent.  :Sad: 

----------

## phunkphorce

I have Postfix and metalog and things go to /var/log/mail/current. I didn't have to do anything special to get that working...

----------

## Gushy

nope, haven't got one of those.

You could post the parts of your metalog and postfix conf's referring to mail logs could you?

must be nice to have mail logs.  :Sad: 

----------

## phunkphorce

There you go, my metalog's configuration file:

```

# Sample Metalog configuration file 

maxsize  = 100000

maxtime  = 86400

maxfiles = 5

Kernel messages :

  facility = "kern"

  logdir   = "/var/log/kernel"

Crond :

  program  = "crond"

  logdir   = "/var/log/crond"

  

Dudes firewalled by IPTrap :

  program  = "iptrap"

  logdir   = "/var/log/iptrap"

Password failures :

  regex    = "(password|login|authentication)\s+(fail|invalid)"

  regex    = "(failed|invalid)\s+(password|login|authentication)"

  regex    = "ILLEGAL ROOT LOGIN"

  logdir   = "/var/log/pwdfail"

#  command  = "/usr/local/sbin/mail_pwd_failures.sh"  

FTP Server :

  program  = "pure-ftpd"

  logdir   = "/var/log/ftpd"

  

SSH Server :

  program  = "sshd"

  logdir   = "/var/log/sshd"

Telnet :

  program  = "login"

  logdir   = "/var/log/telnet"

Imap :

  program  = "/usr/sbin/imapd"

  logdir   = "/var/log/imap"

POP Toaster :

  program  = "/usr/sbin/ipop3d"

  logdir   = "/var/log/pop"

#Add authenticated IP addresses for SMTP relaying :

#  program  = "/usr/sbin/ipop3d"

#  regex    = "Login.+nmsgs="

#  command  = "/usr/local/sbin/add_pop_address.sh"

Mail :

  facility = "mail"

  logdir   = "/var/log/mail"

Everything important :

  facility = "*"

  minimum  = 6

  logdir   = "/var/log/everything"

Everything very important :

  facility = "*"

  minimum  = 1

  logdir   = "/var/log/critical"

#

#Uncomment and adjust the following lines to 

#your needs to enable console logging

#

# Hint: you can change the device to which

#       should be logged in /usr/sbin/consolelog.sh

#

#console logging :

#

#  facility = "*"

#  command = "/usr/sbin/consolelog.sh"

```

As you can see, it's the default configuration file that comes with metalog, I  didn't make any changes to it.

Regarding Postfix, The output of postfconf -n doesn't show any difference with postfix's default values for logging... so it is exactly the same.

What about kernel logs? Do you have them? What do you have under /var/log? Does that folder even exist? Is it in the same partition as the / folder or is it mounted as another partition? Is there enough free space? Am I making too many question?  :Very Happy: 

----------

## Gushy

thanks phunkphorce.

Well your metalog conf looks the same as mine.

I have logs for the kernel and everything else on this system except mail in my /var/log; and I have plenty of space.

I've just done a postconf -v (didn't know about postconf before - thanks!)  and I get this:

```

2bounce_notice_recipient = postmaster

access_map_reject_code = 554

alias_database = hash:/etc/mail/aliases

alias_maps = hash:/etc/mail/aliases

allow_mail_to_commands = alias,forward

allow_mail_to_files = alias,forward

allow_min_user = no

allow_percent_hack = yes

allow_untrusted_routing = no

alternate_config_directories = 

always_bcc = 

append_at_myorigin = yes

append_dot_mydomain = yes

berkeley_db_create_buffer_size = 16777216

berkeley_db_read_buffer_size = 131072

best_mx_transport = 

biff = yes

body_checks = 

bounce_notice_recipient = postmaster

bounce_service_name = bounce

bounce_size_limit = 50000

broken_sasl_auth_clients = no

canonical_maps = 

cleanup_service_name = cleanup

command_directory = /usr/sbin

command_expansion_filter = 1234567890!@%-_=+:,./abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ

command_time_limit = 1000s

config_directory = /etc/postfix

content_filter = 

daemon_directory = /usr/lib/postfix

daemon_timeout = 18000s

debug_peer_level = 2

debug_peer_list = 

default_database_type = hash

default_delivery_slot_cost = 5

default_delivery_slot_discount = 50

default_delivery_slot_loan = 3

default_destination_concurrency_limit = 10

default_destination_recipient_limit = 50

default_extra_recipient_limit = 1000

default_minimum_delivery_slots = 3

default_privs = nobody

default_process_limit = 50

default_recipient_limit = 10000

default_transport = smtp

default_verp_delimiters = +=

defer_code = 450

defer_service_name = defer

defer_transports = 

delay_notice_recipient = postmaster

delay_warning_time = 0h

deliver_lock_attempts = 20

deliver_lock_delay = 1s

disable_dns_lookups = no

disable_mime_input_processing = no

disable_mime_output_conversion = no

disable_verp_bounces = no

disable_vrfy_command = no

dont_remove = 0

double_bounce_sender = double-bounce

duplicate_filter_limit = 1000

empty_address_recipient = MAILER-DAEMON

error_notice_recipient = postmaster

error_service_name = error

expand_owner_alias = no

export_environment = TZ MAIL_CONFIG

extract_recipient_limit = 10240

fallback_relay = 

fallback_transport = 

fast_flush_domains = $relay_domains

fast_flush_purge_time = 7d

fast_flush_refresh_time = 12h

fault_injection_code = 0

flush_service_name = flush

fork_attempts = 5

fork_delay = 1s

forward_expansion_filter = 1234567890!@%-_=+:,./abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ

forward_path = $home/.forward${recipient_delimiter}${extension},$home/.forward

hash_queue_depth = 2

hash_queue_names = incoming,active,deferred,bounce,defer,flush

header_address_token_limit = 10240

header_checks = 

header_size_limit = 102400

home_mailbox = .maildir/

hopcount_limit = 50

ignore_mx_lookup_error = no

import_environment = MAIL_CONFIG MAIL_DEBUG MAIL_LOGTAG TZ XAUTHORITY DISPLAY

in_flow_delay = 1s

inet_interfaces = all

initial_destination_concurrency = 5

invalid_hostname_reject_code = 501

ipc_idle = 100s

ipc_timeout = 3600s

line_length_limit = 2048

lmtp_cache_connection = yes

lmtp_connect_timeout = 0s

lmtp_data_done_timeout = 600s

lmtp_data_init_timeout = 120s

lmtp_data_xfer_timeout = 180s

lmtp_lhlo_timeout = 300s

lmtp_mail_timeout = 300s

lmtp_quit_timeout = 300s

lmtp_rcpt_timeout = 300s

lmtp_rset_timeout = 300s

lmtp_sasl_auth_enable = no

lmtp_sasl_password_maps = 

lmtp_sasl_security_options = noplaintext, noanonymous

lmtp_skip_quit_response = no

lmtp_tcp_port = 24

local_command_shell = 

local_destination_concurrency_limit = 2

local_destination_recipient_limit = 1

local_recipient_maps = 

local_transport = local

luser_relay = 

mail_name = Postfix

mail_owner = postfix

mail_release_date = 20020917

mail_spool_directory = /var/mail

mail_version = 1.1.11-20020917

mailbox_command = 

mailbox_command_maps = 

mailbox_delivery_lock = flock, dotlock

mailbox_size_limit = 51200000

mailbox_transport = 

mailq_path = /usr/bin/mailq

manpage_directory = /usr/local/man

maps_rbl_domains = 

maps_rbl_reject_code = 554

masquerade_classes = envelope_sender, header_sender, header_recipient

masquerade_domains = 

masquerade_exceptions = 

max_idle = 100s

max_use = 100

maximal_backoff_time = 4000s

maximal_queue_lifetime = 5d

message_size_limit = 10240000

mime_boundary_length_limit = 2048

mime_header_checks = $header_checks

mime_nesting_limit = 20

minimal_backoff_time = 1000s

mydestination = $myhostname, localhost.$mydomain

mydomain = barbados

myhostname = oistins.barbados

postconf: name_mask: subnet

postconf: mynetworks: 127.0.0.0/8 10.0.0.0/24 

mynetworks = 127.0.0.0/8 10.0.0.0/24 

mynetworks_style = subnet

myorigin = $myhostname

nested_header_checks = $header_checks

newaliases_path = /usr/bin/newaliases

non_fqdn_reject_code = 504

notify_classes = resource,software

owner_request_special = yes

parent_domain_matches_subdomains = debug_peer_list,fast_flush_domains,mynetworks,permit_mx_backup_networks,qmqpd_authorized_clients,relay_domains,smtpd_access_maps

permit_mx_backup_networks = 

pickup_service_name = pickup

prepend_delivered_header = command, file, forward

process_id_directory = pid

program_directory = /usr/lib/postfix

propagate_unmatched_extensions = canonical, virtual

qmgr_clog_warn_time = 300s

qmgr_fudge_factor = 100

qmgr_message_active_limit = 10000

qmgr_message_recipient_limit = 10000

qmgr_message_recipient_minimum = 10

qmqpd_authorized_clients = 

qmqpd_error_delay = 5s

qmqpd_timeout = 300s

queue_directory = /var/spool/postfix

queue_file_attribute_count_limit = 100

queue_minfree = 0

queue_run_delay = 1000s

queue_service_name = qmgr

readme_directory = no

recipient_canonical_maps = 

recipient_delimiter = 

reject_code = 554

relay_clientcerts = 

relay_domains = $mydestination

relay_domains_reject_code = 554

relayhost = 

relocated_maps = 

require_home_directory = no

resolve_dequoted_address = yes

rewrite_service_name = rewrite

sample_directory = /etc/postfix

sender_based_routing = no

sender_canonical_maps = 

sendmail_path = /usr/sbin/sendmail

service_throttle_time = 60s

setgid_group = postdrop

showq_service_name = showq

smtp_always_send_ehlo = yes

smtp_bind_address = 

smtp_connect_timeout = 30s

smtp_data_done_timeout = 600s

smtp_data_init_timeout = 120s

smtp_data_xfer_timeout = 180s

smtp_destination_concurrency_limit = $default_destination_concurrency_limit

smtp_destination_recipient_limit = $default_destination_recipient_limit

smtp_enforce_tls = no

smtp_helo_name = $myhostname

smtp_helo_timeout = 300s

smtp_line_length_limit = 990

smtp_mail_timeout = 300s

smtp_never_send_ehlo = no

smtp_pix_workaround_delay_time = 10s

smtp_pix_workaround_threshold_time = 500s

smtp_quit_timeout = 300s

smtp_randomize_addresses = yes

smtp_rcpt_timeout = 300s

smtp_sasl_auth_enable = no

smtp_sasl_password_maps = 

smtp_sasl_security_options = noplaintext, noanonymous

smtp_skip_4xx_greeting = yes

smtp_skip_5xx_greeting = yes

smtp_skip_quit_response = yes

smtp_starttls_timeout = 300s

smtp_tls_CAfile = 

smtp_tls_CApath = 

smtp_tls_cert_file = 

smtp_tls_cipherlist = 

smtp_tls_dcert_file = 

smtp_tls_dkey_file = $smtp_tls_dcert_file

smtp_tls_enforce_peername = yes

smtp_tls_key_file = $smtp_tls_cert_file

smtp_tls_loglevel = 0

smtp_tls_note_starttls_offer = no

smtp_tls_per_site = 

smtp_tls_session_cache_database = 

smtp_tls_session_cache_timeout = 3600s

smtp_use_tls = no

smtpd_banner = $myhostname ESMTP $mail_name

smtpd_client_restrictions = 

smtpd_data_restrictions = 

smtpd_delay_reject = yes

smtpd_enforce_tls = no

smtpd_error_sleep_time = 1s

smtpd_etrn_restrictions = 

smtpd_hard_error_limit = 20

smtpd_helo_required = no

smtpd_helo_restrictions = 

smtpd_history_flush_threshold = 100

smtpd_junk_command_limit = 100

smtpd_noop_commands = 

smtpd_null_access_lookup_key = <>

smtpd_recipient_limit = 1000

smtpd_recipient_restrictions = permit_mynetworks,check_relay_domains

smtpd_restriction_classes = 

smtpd_sasl_auth_enable = no

smtpd_sasl_local_domain = 

smtpd_sasl_security_options = noanonymous

smtpd_sender_login_maps = 

smtpd_sender_restrictions = 

smtpd_soft_error_limit = 10

smtpd_timeout = 300s

smtpd_tls_CAfile = 

smtpd_tls_CApath = 

smtpd_tls_ask_ccert = no

smtpd_tls_auth_only = no

smtpd_tls_ccert_verifydepth = 5

smtpd_tls_cert_file = 

smtpd_tls_cipherlist = 

smtpd_tls_dcert_file = 

smtpd_tls_dh1024_param_file = 

smtpd_tls_dh512_param_file = 

smtpd_tls_dkey_file = $smtpd_tls_dcert_file

smtpd_tls_key_file = $smtpd_tls_cert_file

smtpd_tls_loglevel = 0

smtpd_tls_received_header = no

smtpd_tls_req_ccert = no

smtpd_tls_session_cache_database = 

smtpd_tls_session_cache_timeout = 3600s

smtpd_tls_wrappermode = no

smtpd_use_tls = no

soft_bounce = yes

stale_lock_time = 500s

strict_7bit_headers = no

strict_8bitmime = no

strict_8bitmime_body = no

strict_mime_encoding_domain = no

strict_rfc821_envelopes = no

sun_mailtool_compatibility = no

swap_bangpath = yes

syslog_facility = mail

syslog_name = postfix

tls_daemon_random_bytes = 32

tls_daemon_random_source = 

tls_random_bytes = 32

tls_random_exchange_name = ${config_directory}/prng_exch

tls_random_prng_update_period = 60s

tls_random_reseed_period = 3600s

tls_random_source = 

transport_maps = 

transport_null_address_lookup_key = <>

transport_retry_time = 60s

trigger_timeout = 10s

undisclosed_recipients_header = To: undisclosed-recipients:;

unknown_address_reject_code = 450

unknown_client_reject_code = 450

unknown_hostname_reject_code = 450

verp_delimiter_filter = -=+

virtual_gid_maps = 

virtual_mailbox_base = 

virtual_mailbox_limit = 51200000

virtual_mailbox_lock = fcntl

virtual_mailbox_maps = 

virtual_maps = 

virtual_minimum_uid = 100

virtual_uid_maps = 

```

now according to all that it's set to syslog facilty 'mail'  which what metalog is supposed to be logging.

----------

## phunkphorce

Hmmmmmm... I really don't know what to say... I have compared now the output of my postfconf and the output of yours and they seem to be the same. 

Just in case,  this is what I have in my /var/log (check permissions and so on)

```
-rw-r--r--    1 root     users       38644 Jan 17 12:47 XFree86.0.log

-rw-r--r--    1 root     root        25384 Jan 13 00:30 XFree86.1.log

-rw-r--r--    1 root     root         5283 Jan 16 09:54 XFree86.8.log

drwxr-xr-x    2 root     root          136 Oct 14 12:27 apache

drwx------    2 root     root          184 Dec 29 14:20 critical

drwxr-xr-x    2 root     root           48 Aug 21 05:33 cups

-rw-r--r--    1 root     root       136799 Jan 17 11:26 emerge.log

drwx------    2 root     root          304 Jan 17 00:15 everything

drwxr-xr-x    2 root     root          208 Oct 27 17:56 icecast

-rw-r--r--    1 root     root       270722 Dec 15 18:13 kdm.log

drwx------    2 root     root          304 Jan 16 19:39 kernel

-rw-r--r--    1 root     root       293168 Jan 17 11:26 lastlog

drwx------    2 root     root          304 Jan 16 12:35 mail

drwxr-xr-x    2 mysql    mysql         112 Dec  5 22:10 mysql

drwxr-xr-x    2 root     root           72 Dec 18 16:36 news

drwx------    2 root     root          304 Jan 17 09:04 pwdfail

drwxr-xr-x    2 root     root           48 Sep 14 18:36 samba

-rw-r--r--    1 root     root       154593 Jan 13 15:18 scrollkeeper.log

drwxrwx---    2 snort    snort          48 Aug 22 14:33 snort

drwx------    2 root     root          304 Jan 16 11:43 sshd

drwx------    2 root     root          304 Jan 13 00:29 telnet

-rw-rw-r--    1 root     utmp      1943424 Jan 17 11:26 wtmp

-rw-r--r--    1 root     root         1436 Dec 11 01:09 xdm-errors

-rw-r--r--    1 root     nogroup     47621 Jan  4 14:59 xferlog

```

Also, compare this:

```

root@home log # ls -ld /var/log/

drwxr-xr-x   16 root     root          680 Jan 16 09:54 /var/log/

```

Does yours look the same?  And are you sure that metalog is up and running?

(I know all these are stupid checks, but maybe you overlooked something...)

----------

## Gushy

now I'm getting confused.  permissions are all the same (except for my lock of a /var/log/mail of course) and metalog is definitely up and running.

Don't worry, none of these are stupid checks at all.  We all miss things sometimes, I just wish I could see what it is I missed!  :Rolling Eyes: 

I have a log for getmail so I can review all incoming traffic via that.  Just be nice to see outgoing too.  :Wink: 

----------

## phunkphorce

How abuot creating the /var/log/mail folder manually and then restarting postfix? Maybe it can't find the folder and -instead of complaining, weird- it just doesn't log anything...

----------

## Gushy

ok we kinda made progress!!  :Very Happy: 

I set up a mail dir with the same permissions as yours. After sending 3 test mails I now have a current file although it's empty.  

However in my /var/log/everything/current I now have records of mail going out. Bizarre.

Well at least I'm getting something even though it's not where I want it!

----------

## phunkphorce

Did you restart just postfix or metalog as well? If you didn't, maybe it is better if you also restarted the latter... But it's definitely a good thing that we're making progress   :Cool: 

----------

## Gushy

there's good news, good news, and yes good news!

It all works as intended now!  :Very Happy:   :Very Happy: 

Thanks for your help Phunkphorce, very much appreciated.

----------

## phunkphorce

Don't mention it, I'm happy to hear that   :Cool: 

----------

