CENTOS 5.x | Sendmail
Occasionally I need to search through sendmail delivery logs to find out what happened to a missing message. This usually involves two (or more) steps:
STEP 1: Search /var/log/maillog for the user's email address. For example grep -i "someuser@recipientdomain.com" /var/log/maillog
That usually returns something like this:
Jan 11 07:43:34 server-example sendmail[12732]: p937blksdh3: to=<someuser@recipientdomain.com>, delay=00:00:00, xdelay=00:00:00, mailer=esmtp, pri=102537, relay=mta.recipientdomain.com. [12.34.56.78], dsn=5.7.1, stat=Service unavailable
STEP 2: I'll then grab the unique message name (in this case p937blksdh3) and search for that. For example: grep -i p937blksdh3 /var/log/maillog
I want to combine steps 1 and 2 into a one-liner and have it automatically perform the same search for other ids. So in a single command, I'd like to do the following:
- Search sendmail maillog for specific string.
- Identify the message-id (in the example above, this was p937blksdh3) for the email. (I'm guessing awk '{print $}' would be used?)
- Search the same log but search for the message id instead (basically grep -i p937blksdh3 /var/log/maillog in the example above)
- Output the results of step 3. Repeat this for other message ids.
Best Answer
You could do something similar to this.
This will grep out the line for the user you are looking for, then select the 5th item on the line (seperated by spaces iirc). Then for each message ID in that list, will then grep for the lines containing the message ID's.
If you want to remove the : from the end of the message ID, you can do something like for i in
grep -i "someuser@recipientdomain.com" /var/log/maillog | awk '{print $5}' | sed 's/\://; do grep -i $i /var/log/maillog; doneHope that helps.