[Logcheck-devel] Bug#644583: postfix smtpd_client_port_logging and smtpd_tls_wrappermode errors
Loïc Minier
lool at dooz.org
Fri Oct 7 07:20:53 UTC 2011
Package: logcheck
Version: 1.3.14
Severity: wishlist
Tags: patch
Hi there
I use postfix with smtpd_client_port_logging = yes and I also
configured it to provide SMTPS/SSMTP with smtpd_tls_wrappermode=yes.
Concerning smtpd_client_port_logging, some regexps in logcheck have
optional port information while others don't.
Concerning smtpd_tls_wrappermode, this doesn't change anything except
that it's more common that postfix misses remote IP and port
information (and obviously reverse DNS) for clients, typically after a
port scan. Again, some log messages allow for "unknown" in the place
of the IP address but some miss this.
I recently got this:
Oct 7 03:11:43 host postfix/smtpd[27300]: setting up TLS connection from unknown[unknown]:unknown
Oct 7 03:11:43 host postfix/smtpd[27300]: SSL_accept error from unknown[unknown]:unknown: -1
Oct 7 03:11:43 host postfix/smtpd[27300]: lost connection after CONNECT from unknown[unknown]:unknown
Attaching a patch which allows for an optional port and allows some IP
and ports to be unknown for the above messages.
Cheers,
--
Loïc Minier
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-postfix-more-unknown-IP-and-optional-port.patch
Type: text/x-diff
Size: 5042 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/logcheck-devel/attachments/20111007/93e95d16/attachment.patch>
More information about the Logcheck-devel
mailing list