I made a test (log below). The warning header appears in "cleanup" log line. Not in the same line with the smtp client log, with Exchange rejection.
Apr 27 03:14:03 gateway postfix/cleanup[10319]: 76D2343520: warning: header X-SMTP-Client-Addr: ip.add.re.ss from host.s-domain.com[ip.add.re.ss]; from=sen...@s-domain.com to=recipi...@r-domain.com proto=ESMTP helo=host.s-domain.com: client address ip.add.re.ss I don't see how it helps in this case, but the tip you gave me will be useful in my work. Is very late and probably I did not explain clearly. In a way or another, the result I'm looking to obtain is a bit similar to reject_unverified_recipient (negative cache), but triggered against Postfix client IPs that are insisting in sending rejected messages by other servers (550 5.7.1), with no previous good deliveries, recorded already automatically in Postfix platform, in a whitelist. After 3-5 asynchronous bounces, Postfix will cause synchronous bounces, on the client side. Those limited async. bounces should have a smaller impact on IP reputation of Postfix, if they occur rare. In case the senders are forged from different providers, should have almost no impact (at least in my dreams, now). Thank you. Marius. -----Original Message----- From: owner-postfix-us...@postfix.org [mailto:owner-postfix-us...@postfix.org] On Behalf Of Wietse Venema Sent: Sunday, April 27, 2014 3:51 AM To: Postfix users Subject: Re: sender ip in smtp log line Wietse Venema: > Marius Gologan: > > Can I add, in any way, the sender ip on the postfix/smtp log line? > > No. > > You can extract the SMTP client IP address from Postfix logging with > the same queue ID. This works best when you enable long queue IDs that > never repeat. > > # postconf -e "enable_long_queue_ids = yes" > # postfix reload > > You can also find the SMTP client IP address in the Received: message > header that was added by your Postfix SMTP server. Another option: prepend a message header in the SMTP server, and log that message header in the SMTP client. /etc/postfix/main.cf: smtpd_client_restrictions = check_client_access pcre:/etc/postfix/prepend_client smtp_header_checks = pcre:/etc/postfix/smtp_header_checks /etc/postfix/prepend_client: /^([0-9.]+|[0-9a-f:]+)$/ prepend X-SMTP-Client-Addr: $1 /etc/postfix/smtp_header_checks: /^X-SMTP-Client-Addr: (\S+)/ warn client address $1 Instead of X-SMTP-Client-Addr use something that is unlikely to appear in other people's email. This requires Postfix 2.5 or later. Wietse
