DOC HOME SITE MAP MAN PAGES GNU INFO SEARCH PRINT BOOK
 
Managing mail with MMDF

Authorization log files

MMDF authorization log files contain descriptions of authorization attempts and reasons for failure or success. Log files are produced by defining the appropriate authorization logging level.

The format of messages in the authorization log file is similar to other MMDF log files. Each message includes the date, time, message source, and message ID, followed by the log-specific information. The message also includes an ``end of processing'' message that describes the message sender and size. Each authorization message can include either one or two reasons for authorizing a particular message.

Message example:

   4/29  9:44:54 AU-0000:  msg.a000561: i='local' o='ucscc'
         a='lisa@rsre.AC.UK' r='CH' hi='' ho='username@rsre.ac.uk'
   4/29  9:44:54 AU-0000:  msg.a000561: i='local' o='ucscc'
         a='jane@rsre.AC.UK' r='CH' hi='' ho='username@rsre.ac.uk'
   4/29  9:44:55 AU-0000:  msg.a000561: END size='2102', sender='robert'


NOTE: Authorization log file messages appear on one line; the examples in this section split the lines for readability.

Authorization message keys

Keys used in authorization log file messages:


i
input channel

o
output channel

a
destination address

r
reason for authorization

hi
inbound host

ho
outbound host

Single-reason authorization codes

If the authorization message includes a single reason for authorization, the ``r'' key specifies a single authorization code that describes both the inbound and the outbound authorization when you use host-based authorization.

Single-reason authorization codes:


OH
outbound host/route

HC
outbound host/route and inbound channel

HH
inbound host/route and outbound host/route

CC
inbound channel and outbound channel

CH
inbound channel and outbound host/route

IH
inbound host/route
This example uses the CH authorization code:
   4/29  9:44:54 AU-0000:  msg.a000561: i='local' o='peaks'
         a='bob@rsre.AC.UK' r='CH' hi='' ho='username@rsre.ac.uk'
   4/29  9:44:54 AU-0000:  msg.a000561: i='local' o='peaks'
         a='mike@rsre.AC.UK' r='CH' hi='' ho='username@rsre.ac.uk'
   4/29  9:44:55 AU-0000:  msg.a000561: END size='2102', sender='cooper'
In this example, the authorized message has two recipients (bob and mike). The first authorization message shows that the inbound channel (``i'') is the local channel and the outbound channel is peaks. The ``a'' key indicates that the recipient's address is bob@rsre.ac.uk.

The reason (``r'') given for authorizing the message is CH; in other words, the inbound channel (local) has authorization to send mail to the given outbound host or route (specified by ``ho''), in this case username@rsre.ac.uk.

Two-reason authorization codes

Two-reason authorization codes describe the reason for authorization in terms of user-based authorization:


IL
inbound channel, outbound = LIST

OL
outbound channel, dest = LIST

IS
inbound channel by sender

OS
outbound channel by sender

IR
inbound channel by receiver

OR
outbound channel by receiver

I
inbound channel, log unauthorized access

O
outbound channel, log unauthorized access


NOTE: MMDF only uses these authorization codes when you set the ``auth=inlog'' or ``auth=outlog'' parameters of the AUTHLOG keyword in /usr/mmdf/mmdftailor.

The message in this example uses two-reason authorization (if no authorization is required for a channel, MMDF leaves the reason field (``r'') empty):

   4/29  9:53:09 AU-0000:  msg.a000653: i='local' o='your_company'
         a='john@edxa.ac.uk' r='' r='OS'
   4/29  9:53:10 AU-0000:  msg.a000653: END size='197', sender='david'
In this example, the message arrived (with no authorization required) on the local channel and is authorized to leave on the your_company channel because the sender (david) is authorized to use it (OS).

See also:


Next topic: Troubleshooting MMDF
Previous topic: Changing error logging levels

© 2005 The SCO Group, Inc. All rights reserved.
SCO OpenServer Release 6.0.0 -- 26 May 2005