I am planning on killing non-secure IMAP4 service on my server. So I ran this command in the log file location:
grep -i 'INFO: LOGIN' * > imap4user.log
This gave me a list of all the emails that have logged into regular IMAP. Pasting that into Excel I was able to create a nice, no duplicates list pretty quickly.
But my log files don’t go back that far, so I was wondering if I could change this so I could get a wider range of emails, then after I could set it back to normal log retention.
This way I can alert my user that they need to switch to SSL.
Good question, which I think has been asked before
I think you need to look at logrotate.conf (/etc/logrotate.conf), and change rotate to the number of logs to be left, which is set to 1, so 1 log should be left after rotation I believe. Setting this say to 4, would leave 4 logs after rotation.
I know IW use logrotation is used, but may also be listed in cron folders
I could be wrong though, as it is early here and my little brain cell has not woken up fully sorry.
I hope that helps
Thanks John, I checked out that file which led me to /etc/logrotate.d/ folder, but there isn’t a file for IMAP or POP3 in here.
So close, but seems the setting for this is somewhere else.
Many thanks, I thought of logrotate.d but didn’t think anything was configured there
You need to change rotate 1 to a higher value, as it is this that determines the number of logs to retain
You could also have a quick look at logrotate man
I hope that helps but sorry if I’m wrong
Oh, sorry 1 more idea as workaround, why not rsync the log folder to your computer - just an idea
Main conf file:
# see "man logrotate" for details
# rotate log files weekly
# keep 4 weeks worth of backlogs
So doesn’t seem to be on the same page as my IMAP logs.
Rsync idea is brilliant though! This is normally the stuff I come up with and didn’t even occur to me. I can just rsync it to my other drive every 12 hours or so and keep a full history for as long as I want!