A. Schulze:
>
> Hello,
>
> we implemented a submission server with SASL authentication. nothing
> special...
> also we use to grep for "sasl_username=$customer_with_trouble".
>
> today I noticed, the successful authentication was not logged
> because a sender address was rejected. Looks like sasl_username
> logging happens only with a valid QueueID which is not available
> in some cases. I only assume the authentication was successful
> by the final log entry mentioning "auth=1"
>
> postfix/submission/smtpd[31338]: connect from foo.example.org[192.0.2.25]
> postfix/submission/smtpd[31338]: Anonymous TLS connection established from
> foo.example.org[192.0.2.25]: TLSv1 with cipher $not_important_here
> postfix/submission/smtpd[31338]: NOQUEUE: reject: RCPT from
> foo.example.org[192.0.2.25]: 550 5.1.0 <unknown_sen...@example.org>: Sender
> address rejected: User unknown; ...
> postfix/submission/smtpd[31338]: disconnect from foo.example.org[192.0.2.25]
> ehlo=2 starttls=1 auth=1 mail=1 rcpt=0/1 quit=1 commands=6/7
>
>
> would it make sense / be possible to log successful authentication always?

No, that would log it too often in normal sessions. Instead it can
be logged for rejected commands.

    reject: from host[addr] ...; from=<sender>, to=<recip>, proto=SMTP, helo=<helo>, sasl_username=<user>

    Wietse
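
An added example, not part of the thread and not Postfix code: a log check for the gap described above, listing smtpd sessions whose disconnect line counts a successful AUTH although no sasl_username= was ever logged for them. The log text is a constructed sample built around the excerpt quoted above; the function name and sessions 31400 and 31401 are assumptions.

```python
import re

# Constructed sample. Session 31338 is the excerpt from the thread, joined
# onto single lines; sessions 31400 and 31401 are made up for contrast.
SAMPLE_LOG = """\
postfix/submission/smtpd[31338]: connect from foo.example.org[192.0.2.25]
postfix/submission/smtpd[31338]: Anonymous TLS connection established from foo.example.org[192.0.2.25]: TLSv1 with cipher $not_important_here
postfix/submission/smtpd[31400]: connect from bar.example.org[192.0.2.26]
postfix/submission/smtpd[31338]: NOQUEUE: reject: RCPT from foo.example.org[192.0.2.25]: 550 5.1.0 <unknown_sen...@example.org>: Sender address rejected: User unknown; ...
postfix/submission/smtpd[31400]: 4F1A2B3C4D5: client=bar.example.org[192.0.2.26], sasl_method=PLAIN, sasl_username=alice
postfix/submission/smtpd[31338]: disconnect from foo.example.org[192.0.2.25] ehlo=2 starttls=1 auth=1 mail=1 rcpt=0/1 quit=1 commands=6/7
postfix/submission/smtpd[31400]: disconnect from bar.example.org[192.0.2.26] ehlo=2 starttls=1 auth=1 mail=1 rcpt=1 data=1 quit=1 commands=8
postfix/submission/smtpd[31401]: connect from baz.example.org[192.0.2.27]
postfix/submission/smtpd[31401]: disconnect from baz.example.org[192.0.2.27] ehlo=2 starttls=1 auth=0/1 quit=1 commands=4/5
"""

# Unanchored so that a leading syslog timestamp/hostname is tolerated.
LINE = re.compile(r"(?P<proc>postfix/\S*smtpd\[\d+\]): (?P<msg>.*)$")
SASL_USER = re.compile(r"\bsasl_username=([^,\s]+)")
# Disconnect statistics read "auth=ok" or "auth=ok/total"; capture the ok count.
AUTH_STAT = re.compile(r"\bauth=(\d+)(?:/\d+)?")


def unattributed_auth_sessions(log_text):
    """Return (process, peer) for sessions with a successful AUTH in the
    disconnect statistics but no sasl_username= logged during the session."""
    seen_user = {}  # process -> True once sasl_username= was logged
    findings = []
    for raw in log_text.splitlines():
        m = LINE.search(raw)
        if not m:
            continue
        proc, msg = m["proc"], m["msg"]
        if msg.startswith("connect from "):
            seen_user[proc] = False  # smtpd processes are reused: reset per session
        elif SASL_USER.search(msg):
            seen_user[proc] = True   # queue-ID line, or a reject line carrying the name
        elif msg.startswith("disconnect from "):
            auth = AUTH_STAT.search(msg)
            if auth and int(auth.group(1)) > 0 and not seen_user.get(proc, False):
                findings.append((proc, msg.split()[2]))
            seen_user.pop(proc, None)
    return findings


if __name__ == "__main__":
    for proc, peer in unattributed_auth_sessions(SAMPLE_LOG):
        print(f"{proc}: AUTH succeeded from {peer} but no sasl_username was logged")
```

Once reject lines carry sasl_username= in the form proposed in the reply, session 31338 would no longer be reported.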