[Rspamd-Users] syslog and missing log messages

rspamd at vlh.dk rspamd at vlh.dk
Thu Apr 11 18:57:39 UTC 2024 

Hi,

The logs on the ssyslog end seems to have some data in it that's not in the
jail - specifically this part:

? rspamd_task_write_log ? rspamd_protocol_http_reply

Could transmission from jail to syslog host have gone wrong?

-Kim


> -----Original Message-----
> From: Users <users-bounces at lists.rspamd.com> On Behalf Of Michael Grimm
> via Users
> Sent: 11. april 2024 14:04
> To: users at lists.rspamd.com
> Cc: Michael Grimm <trashcan at ellael.org>
> Subject: [Rspamd-Users] syslog and missing log messages
> 
> Hi,
> 
> this is rspamd 3.8.4 and postfix 3.9.0 (milter) running in a jail with
FreeBSD
> 14-STABLE as host.
> 
> My /etc/syslog.conf is configured to send all syslog messages to the
host's
> syslog, *and* to a logfile in addition:
> 
> 	mail.* /var/log/maillog
> 	*.* @<host IP>
> 
> My local.d/loggin.inc is as follows:
> 
> 	type = "syslog";
> 	facility = "mail";
> 	level = "info";     # log all non-debug messages
> 
> I do have difficulties to understand, why some the rspamd messages aren't
> forwarded to the host's syslog but are reported to /var/log/maillog.
> 
> Example /var/log/maillog in the jail:
> 
> Apr 11 13:42:20 mail rspamd[72887]: <358183>; proxy; finalize_item: slow
> rule: DKIM_CHECK(189): 803.19 ms; enable slow timer delay Apr 11 13:42:20
> mail rspamd[72887]: <358183>; proxy; rspamd_stat_classifiers_process: skip
> statistics as SPAM class is missing Apr 11 13:42:20 mail rspamd[72887]:
> <358183>; proxy; rspamd_task_write_log: id:
> <eyir2q6cqoibchg7i2zpj7ovnfuee3dld2ygq6ex6fjsfivcvj at ujgmihmfgie5>, qid:
> <4VFd8q0HCjzxrc>, ip: ...
> Apr 11 13:42:20 mail rspamd[72887]: <358183>; proxy;
> rspamd_protocol_http_reply: regexp statistics: 225 pcre regexps scanned, 1
> regexps matched, 176 regexps total, 11 regexps cached, 46.92KiB scanned
> using pcre, 46.92KiB scanned total Apr 11 13:42:20 mail rspamd[72887]:
> <e27081>; proxy; proxy_milter_finish_handler: finished milter connection
Apr
> 11 13:43:01 mail rspamd[72888]: <yj9776>; map; http_map_finish: data is
> not modified for server maps.rspamd.com, next check at Thu, 11 Apr 2024
> 15:43:01 GMT (http cache based: Thu, 11 Apr 2024 15:43:01 GMT)
> 
> Corresponding syslog at the host:
> 
> Apr 11 13:42:20 <mail.info> mail rspamd[72887]: <358183>; proxy;
> finalize_item: slow rule: DKIM_CHECK(189): 803.19 ms; enable slow timer
> delay Apr 11 13:42:20 <mail.info> mail rspamd[72887]: <358183>; proxy;
> rspamd_stat_classifiers_process: skip statistics as SPAM class is missing
?
> rspamd_task_write_log ? rspamd_protocol_http_reply Apr 11 13:42:20
> <mail.info> mail rspamd[72887]: <e27081>; proxy;
> proxy_milter_finish_handler: finished milter connection Apr 11 13:43:01
> <mail.info> mail rspamd[72888]: <yj9776>; map; http_map_finish: data is
not
> modified for server maps.rspamd.com, next check at Thu, 11 Apr 2024
> 15:43:01 GMT (http cache based: Thu, 11 Apr 2024 15:43:01 GMT)
> 
> 
> FYI: reverting /etc/syslog.conf entries and omitting 'mail.*
/var/log/maillog'
> doesn't help.
> 
> 
> Any hints for understanding and thus solving this issue is highly
appreciated.
> 
> Thanks in advance and regards,
> Michael
> --
> Users mailing list
> Users at lists.rspamd.com
> https://lists.rspamd.com/mailman/listinfo/users

More information about the Users mailing list