Beginning with V8.2 sendmail , the -X command-line switch can be used to record all input and output, SMTP traffic, and other significant transactions. The form of the -X (transaction) command-line switch looks like this: -X file Space between the -X and the file is optional. The file can be specified as either a full or a relative pathname. For security the -X command-line switch always causes sendmail to give up its privileges unless it was run by root . If the transaction file cannot be opened for writing, the following error is printed and no logging is done: cannot open file Otherwise, the file is opened in append mode, and each line that is written to it looks like this: pid what detail The pid is the process identification number of the sendmail that added the line. The what is one of these three symbols:
To illustrate , consider sending a mail message to yourself and to a friend at another site: % /usr/sbin/sendmail -X /tmp/xfile -oQ`pwd` yourself,friend@remote.host To: yourself,friend@remote.host Subject: test This is a test. . These few lines of input produce a long /tmp/xfile . The first few lines of that file are illustrative : 29559 <<< To: yourself,friend@remote.host 29559 <<< Subject: test 29559 <<< 29559 <<< This is a test. 29559 <<< . 29561 = == CONNECT remote.host 29561 <<< 220 remote.host ESMTP Sendmail 8.9.3; Fri, 13 Dec 2002 08:06:47 -0600 (MDT) 29561 >>> EHLO your.host 29561 <<< 250-remote.host Hello you@your.host [206.54.76.122], pleased to meet you 29561 <<< 250-8BITMIME 29561 <<< 250-SIZE 29561 <<< 250-DSN 29561 <<< 250-VERB 29561 <<< 250-ONEX 29561 <<< 250 HELP 29561 >>> MAIL From:<your@your.host> SIZE=65 29561 <<< 250 <your@your.host>... Sender ok 29561 >>> RCPT To:<friend@remote.host> 29561 <<< 250 Recipient ok 29561 >>> DATA 29561 <<< 354 Enter mail, end with "." on a line by itself 29561 >>> The first line of data here, 29561 >>> the second line of data here, 29561 >>> and so on. Notice that the process ID changes. After sendmail collects the message, it performs a fork (2) and exec (2) to handle the actual delivery. Because these transaction files include message bodies, they should be guarded . Never use the -X switch with the daemon unless you are prepared for a huge file and the possibility of disclosing message contents to nonprivileged users. |