Thank You for Your time and answer, Victor: > The only thing recorded by Postfix is either the SMTP client source IP > address (and optionally the source port) or the Unix uid of the process
Yea, I've seen that. My question is about some kind of postfix/etc logging level or an utility (as I have access to the system (Linux) logs) that can provide the info. > that invoked sendmail(1). With SMTP, if the client uses SASL auth, > that's also in the logs. No they (hackers) do not use SASL in my case.
