On Tue, Feb 15, 2011 at 07:28:57PM -0500, Wietse Venema wrote:
> Victor Duchovni:
> > On Mon, Feb 14, 2011 at 08:24:14AM -0500, Wietse Venema wrote:
> >
> > > In the SMTP server, this could be logged as:
> > >
> > > QUEUEID: client=foo.example.com, tls=whatever
> > >
> > > That line is logged whenever the Postfix SMTP server opens a mail
> > > delivery transaction.
> >
> > I use a log parser that "collates" all the log entries for each
> > message from arrival through final delivery. The TLS data is already
> > logged in full detail. I am not convinced that compact logging is
> > sufficiently detailed to be useful, and logging everything with
> > each per-recipient record is I think impractical.
>
> It could be useful to log tls=none/encrypted/verified/secure, and
> thus give a general idea. People who really want to know the nuts
> and bolts can parse multi-line records.
OK, provided people don't become unhappy when we refuse to log additional
details.
--
Viktor.
