MailScanner and syslog (fixed!)

Quentin Campbell Q.G.Campbell at NEWCASTLE.AC.UK
Thu Mar 28 09:14:09 GMT 2002

> -----Original Message-----
> From: Nick Phillips [mailto:nwp at] 
> Sent: 27 March 2002 21:27
> Subject: Re: MailScanner and syslog
> If the "-r" no longer helps, it may be that in the most 
> recent RedHats something has changed - is 514/udp being 
> filtered, is the syslogd different, is routing to localhost 
> set up correctly?

Nick, Mike

It turns out that it was my mistake and "-r" is all that is needed in
RedHat 7.2!

The /etc/sysconfig/syslog file configures TWO utilities - syslogd and
klogd (the kernel log daemon). I had added "-r" to klogd's options
rather than those of syslogd. Sigh!!

Re. your comments about port 514/udp, RedHat 7.2 does block this port by
default in /etc/sysconfig/ipchains; in fact it blocks all UDP ports
below 1024. I believe this default blocking is a feature new to 7.2.

This does not appear to affect logging via syslog when the "-r" option
is used and ipchains does not need to be changed. Note that I did change
ipchains for port 514/udp but backed this off after the "-r" fix and
then restarted ipchains to ensure the status quo ante.

I am happy now that MailScanner logging is working but confused as to
why it is working given Nick's comments and the default filtering of
port 514/udp that is done in RedHat 7.2.

PHONE: +44 191 222 8209    Computing Service, University of Newcastle
FAX:   +44 191 222 8765    Newcastle upon Tyne, United Kingdom, NE1 7RU.
"Any opinion expressed above is mine. The University can get its own."  

More information about the MailScanner mailing list