Very low priority question here... I don't announce or accept AUTH on my public port 25 postfix smtpd service, before or after STARTTLS, yet there is always a constant trickle of probes that do attempt it.
On rare occasions, there are days-long concerted efforts from a wide array of source addresses. It would be nice to have a little bit of simple logging for these (failed/rejected) AUTH attempts. Basically, it would be nice to be able to quickly decide between "oh yeah, of course that's hopeless, ignore it" and "hmmm, that looks disturbing, I'd better dig into what's going on there". I don't see any postfix config options related to this sort of thing. (Well, almost, but smtpd_sasl_authenticated_header doesn't do any good in this situation.) Am I missing something? Thanks. - James
