well, I came in today to a raft of messages that users couldn't email from UNIX (HP-UX B.11.23 U i64)
/etc/mail/sendmail.cf was missing - just GONE from the directory. Other files were there.
mail was successfully sent at 19:48 last night and unsuccessful at 00:10. At least those are times are are sure about.
So, I thought I'd look in the mail.log.
/var/adm/syslog -- both syslog.log and mail.log had been reset to 0 at 22:17 and 22:18 respectively.
No one with root passwd admits to doing anything, nor would they do anything.
what the heck might have happened ... how can I find out if there is anything else ... how can I explain this ... how can I prevent this ... etc.
I have restored /etc/mail/sendmail.cf from a backup and mail is now working.
But nothing of the outbound mail is showing in /var/adm/syslog/mail.log
it is still:
Quote:
var/adm/syslog> ll
total 0
-rw-r--r-- 1 root root 0 Oct 28 10:35 OLDsyslog.log
-rw-rw-rw- 1 root sys 0 Jan 5 22:17 mail.log
-rw-rw-rw- 1 root sys 0 Jan 5 22:18 syslog.log