Hi, could it be possible to log the TLS cipher suite as Postfix does? This is a typical TLS Dovecot log line: imap-login: Login: user=<user at acme.com>, method=DIGEST-MD5, rip=1.2.3.4, lip=4.3.2.1, mpid=19671, TLS, session=<Jsvr46wt2c1ScQfY> This is the Postfix equivalent postfix/smtp[59723]: Anonymous TLS connection established to mail.acmne.com[1.2.3.4]:25: TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits) -- Ciao, luigi / +--[Luigi Rosa]-- \ We're not surrounded, we're in a target-rich environment!
Add %k to login_log_format_elements (in conf.d/10-logging.conf)
for example
login_log_format_elements = user=<%u> method=%m rip=%r lip=%l mpid=%e %c
%k session=<%{session}>
On 03/12/2016 12:20 AM, Luigi Rosa wrote:> Hi,
> could it be possible to log the TLS cipher suite as Postfix does?
>
> This is a typical TLS Dovecot log line:
>
> imap-login: Login: user=<user at acme.com>, method=DIGEST-MD5,
> rip=1.2.3.4, lip=4.3.2.1, mpid=19671, TLS, session=<Jsvr46wt2c1ScQfY>
>
> This is the Postfix equivalent
>
> postfix/smtp[59723]: Anonymous TLS connection established to
> mail.acmne.com[1.2.3.4]:25: TLSv1.2 with cipher AECDH-AES256-SHA
> (256/256 bits)
>
>
>
Forgot the important part, sorry http://wiki.dovecot.org/Variables On 03/12/2016 12:30 AM, Gedalya wrote:> Add %k to login_log_format_elements (in conf.d/10-logging.conf) > for example > > login_log_format_elements = user=<%u> method=%m rip=%r lip=%l mpid=%e > %c %k session=<%{session}> > > > On 03/12/2016 12:20 AM, Luigi Rosa wrote: >> Hi, >> could it be possible to log the TLS cipher suite as Postfix does? >> >> This is a typical TLS Dovecot log line: >> >> imap-login: Login: user=<user at acme.com>, method=DIGEST-MD5, >> rip=1.2.3.4, lip=4.3.2.1, mpid=19671, TLS, session=<Jsvr46wt2c1ScQfY> >> >> This is the Postfix equivalent >> >> postfix/smtp[59723]: Anonymous TLS connection established to >> mail.acmne.com[1.2.3.4]:25: TLSv1.2 with cipher AECDH-AES256-SHA >> (256/256 bits) >> >> >> >
Thank you very much! Gedalya wrote on 12/03/2016 06:30:> Add %k to login_log_format_elements (in conf.d/10-logging.conf) > for example > > login_log_format_elements = user=<%u> method=%m rip=%r lip=%l mpid=%e %c %k > session=<%{session}> > > > On 03/12/2016 12:20 AM, Luigi Rosa wrote: >> Hi, >> could it be possible to log the TLS cipher suite as Postfix does? >> >> This is a typical TLS Dovecot log line: >> >> imap-login: Login: user=<user at acme.com>, method=DIGEST-MD5, rip=1.2.3.4, >> lip=4.3.2.1, mpid=19671, TLS, session=<Jsvr46wt2c1ScQfY> >> >> This is the Postfix equivalent >> >> postfix/smtp[59723]: Anonymous TLS connection established to >> mail.acmne.com[1.2.3.4]:25: TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits) >> >> >> >-- Ciao, luigi / +--[Luigi Rosa]-- \ Natalya Simonova: You destroy every vehicle you get into? James Bond: Standard operating procedure. Boys with toys. --"007 Goldeneye"