proxmox-mirrors/pmg-log-tracker
1
0
Fork 0
mirror of https://git.proxmox.com/git/pmg-log-tracker synced 2025-04-28 13:03:18 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
146 Commits 1 Branch 0 Tags 228 KiB
Rust 98.5%
Makefile 1.5%
033d9fea42
Go to file
Mira Limbeck 033d9fea42 tests: update for log tracker time handling changes 
since we now calculate the time in UTC rather than local time, the time
values of each test had to be touched. those should differ by `E10`
(3600 seconds) in most cases since we set the TZ to Europe/Vienna for
the tests.

Signed-off-by: Mira Limbeck <m.limbeck@proxmox.com>
2024-02-23 18:29:17 +01:00
.cargo add .cargo/config and rustfmt.toml 2020-02-28 09:22:16 +01:00
debian bump version to 2.4.1 2023-06-28 13:07:30 +02:00
src rfc3339: move timezone offset compatibility code to old time parser 2024-02-23 18:29:17 +01:00
tests tests: update for log tracker time handling changes 2024-02-23 18:29:17 +01:00
.gitignore add .gitignore file 2022-01-03 14:56:17 +01:00
Cargo.toml use pico-args instead of clap 2024-02-13 15:54:42 +01:00
Makefile buildsys: derive upload dist automatically 2023-06-26 18:14:27 +02:00
README add before queue filter support 2020-02-21 09:47:35 +01:00
rustfmt.toml add .cargo/config and rustfmt.toml 2020-02-28 09:22:16 +01:00

README 

The pmg-log-tracker extracts information out of the syslog to match all entries
related to a single mail. It does so by using the PID of 'smtpd' entries in the
log as key for the SEntry structs. The QID, an ID consisting of at least 2 all
upper case hex digits, is used for both QEntry structs and FEntry structs.

As a rule of thumb, SEntrys are used wherever the services 'postscreen' and
'smtpd' are involved. QEntrys on the other hand are only used when a queue is
involved (e.g. after-queue filtering passing the postscreen checks,
before-queue filtering when the mail is 'accepted'). FEntrys are used whenever
the filter (pmg-smtp-filter) is involved.

The typical flow of a mail (after-queue):

1. postscreen (NOQUEUE -> mail finished)
2. smtpd (pid matching)
3. cleanup -> qmgr (mail in queue, QID matching)
4. pmg-smtp-filter (rule system, accept/block, long (Q)ID matching)
5. lmtp/smtp/local/error (QID matching, filter ID matching in lmtp)
6. qmgr ('removed')
7. smtpd ('disconnected from')

Both 6 and 7 are required before the mail can be printed completely.
6 and 7 can be logged in arbitrary order.

The typical flow of a mail (before-queue):

1. postscreen (NOQUEUE -> mail finished)
2. smtpd 1 (pid matching)
3. pmg-smtp-filter (rule system, accept/block, long (Q)ID matching)
  - on accept match the QID
4. smtpd 2 (pid matching)
5. (optional, only on 'accept') cleanup -> qmgr (mail in queue, QID matching)
6. (optional, only on 'accept') smtp (QID matching)
7. (optional, only on 'accept') qmgr ('removed')
8. smtpd 2 ('disconnect from')
9. smtpd 1 (proxy-accept/proxy-reject, filter (Q)ID matching)
10. smtpd 1 ('disconnect from')

7, 8 and 10 are required before the mail can be printed completely.
7, 8 and 10 can be logged in arbitrary order.