On 2007-08-29 13:07:06 -0400, Guy Hulbert wrote:
> On Wed, 2007-08-29 at 18:15 +0200, Tony L. Svanstrom wrote:
> > On Wed, 29 Aug 2007 the voices made Guy Hulbert write:
> > 
> > GH> Why is there all this confusion about "security" ?  The goal is to have
> > GH> a unique MessageID for logs ... 
> > 
> >  Then forget about the word "security", and let's just say that people
> > might want to have unique IDs that'll be unique even when they've got more
> > than one server and centralized/aggregated logging... But we're not even
> > there right now, "we" are still stuck on how to make the IDs 100% unique
> > within a single server as it might be set up by "any" qpsmtpd-user.
> 
> There have been several adequate suggestions.  This is only a problem if
> it goes into the qpsmtpd core since some of the suggestions are reported
> to be in use already.
> 
> Perhaps it would help to agree on a list of requirements.  From what I
> can remember these are:
> 
>       1. A unique ID per message (on one server).

I'd rephrase that as "unique ID per transaction". Not every transaction
results in a message (indeed, on my systems 90+% of transactions don't
result in a message).


>       2. Ability to distinguish per recipient.

I'm not even sure what "per recipient" should mean here. Does it mean
"per RCPT command", so that a log file looks something like this:

abcdef.0 Accepted connection 1/15 from 192.0.2.1 /foo.example.com
abcdef.0 check_earlytalker plugin: remote host said nothing spontaneous, proceeding
abcdef.0 220 ns1.hjp.at ESMTP qpsmtpd 0.40 ready; send us your mail, but not your spam.
abcdef.0 dispatching EHLO foo.example.com
abcdef.0 250-ns1.hjp.at Hi foo.example.com [192.0.2.1]
abcdef.0 250-PIPELINING
abcdef.0 250-8BITMIME
abcdef.0 250 STARTTLS
abcdef.0 dispatching MAIL FROM:<[EMAIL PROTECTED]>
abcdef.0 from email address : [<[EMAIL PROTECTED]>]
abcdef.0 Plugin check_badmailfrom, hook mail returned DECLINED
abcdef.0 250 <[EMAIL PROTECTED]>, sender OK - how exciting to get mail from you!
abcdef.1 dispatching RCPT TO:<[EMAIL PROTECTED]>
abcdef.1 to email address : [<[EMAIL PROTECTED]>]
abcdef.1 Plugin aliases_check, hook rcpt returned DECLINED,
abcdef.1 Plugin spamhaus, hook rcpt returned DECLINED,
abcdef.1 250 <[EMAIL PROTECTED]>, recipient ok
abcdef.2 dispatching RCPT TO:<[EMAIL PROTECTED]>
abcdef.2 to email address : [<[EMAIL PROTECTED]>]
abcdef.2 Plugin aliases_check, hook rcpt returned DECLINED,
abcdef.2 Plugin spamhaus, hook rcpt returned DECLINED,
abcdef.2 250 <[EMAIL PROTECTED]>, recipient ok
abcdef.0 dispatching DATA
...

or really distinguish recipients? The latter doesn't make much sense to
me (before the first RCPT there are 0 recipients, and after the second
(successful) RCPT there is more than one, so there are a lot of cases
where this is ambiguous). As for the former, I don't see that much use in
it, either. Grouping lines from "dispatching ..." to the response
together seems easy enough, and if you find that hard for some reason,
it doesn't apply only to recipients - you might want a command counter.


>       3. Ability to identify the server.

        4. Ability to identify the connection.

           A connection can contain several transactions, and I would not
           like to lose the information that two log entries are from
           the same connection.

If we want transaction (and possibly command) ids, I would derive them
from the connection id via simple counters:

$transaction_id = "$connection_id.$transaction_counter"
$command_id = "$transaction_id.$command_counter"

where the counters are local to their parent and start at 0.

> A sequence solves (1) except for simultaneous processing of
> incoming messages via:
> 
>       a) async
>       b) threads/multiple cpus
>       c) local ports (possibly on multiple addresses)

I think you'll have to define "sequence". If you have one global
sequence, that will work in all of these cases. Or you can have multiple
sequences, but then you need a prefix to distinguish them.

        hp

-- 
   _  | Peter J. Holzer    | I know I'd be respectful of a pirate 
|_|_) | Sysadmin WSR       | with an emu on his shoulder.
| |   | [EMAIL PROTECTED]         |
__/   | http://www.hjp.at/ |    -- Sam in "Freefall"
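
The counter scheme described in the message above, as an added example in Perl (not part of the original post and not qpsmtpd code). The `LogId` package, the server-pid-sequence format of the connection id, and the sample commands are assumptions made for illustration.

```perl
#!/usr/bin/perl
# Added example: hierarchical log IDs (connection -> transaction -> command).
use strict;
use warnings;

package LogId;    # hypothetical helper, not a qpsmtpd module

my $seq = 0;      # connection sequence, local to this process

# Connection id: server name and pid act as the prefix that keeps the
# per-process sequences apart once logs from several servers are aggregated.
# The "server-pid-seq" layout is an assumption of this sketch.
sub new_connection {
    my ($class, $server) = @_;
    my $id = join '-', $server, $$, $seq++;
    return bless { id => $id, next_txn => 0, txn => undef, next_cmd => 0 }, $class;
}

# A new transaction takes the next counter value of its connection and
# restarts the command counter at 0 (counters are local to their parent).
sub begin_transaction {
    my ($self) = @_;
    $self->{txn}      = $self->{id} . '.' . $self->{next_txn}++;
    $self->{next_cmd} = 0;
    return $self->{txn};
}

sub next_command {
    my ($self) = @_;
    die "no transaction open\n" unless defined $self->{txn};
    return $self->{txn} . '.' . $self->{next_cmd}++;
}

package main;

my $conn = LogId->new_connection('mx1');    # 'mx1' is a constructed server name
my @log;
for my $cmd ('MAIL FROM:<a@example.com>', 'RCPT TO:<b@example.com>', 'RSET',
             'MAIL FROM:<c@example.com>', 'RCPT TO:<d@example.com>') {
    $conn->begin_transaction if $cmd =~ /^MAIL /;    # each MAIL opens a transaction
    push @log, $conn->next_command . " dispatching $cmd";
}
print "$_\n" for @log;

# Correlation: every line carrying the connection id as prefix belongs to the
# same connection, even though it spans two transactions.
my $prefix    = quotemeta $conn->{id};
my @same_conn = grep { /^$prefix\./ } @log;
printf "%d of %d lines share connection %s\n",
    scalar @same_conn, scalar @log, $conn->{id};
```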
