Hi, could it be possible to log the TLS cipher suite as Postfix does? This is a typical TLS Dovecot log line: imap-login: Login: user=<user at acme.com>, method=DIGEST-MD5, rip=1.2.3.4, lip=4.3.2.1, mpid=19671, TLS, session=<Jsvr46wt2c1ScQfY> This is the Postfix equivalent postfix/smtp[59723]: Anonymous TLS connection established to mail.acmne.com[1.2.3.4]:25: TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits) -- Ciao, luigi / +--[Luigi Rosa]-- \ We're not surrounded, we're in a target-rich environment!
Add %k to login_log_format_elements (in conf.d/10-logging.conf) for example login_log_format_elements = user=<%u> method=%m rip=%r lip=%l mpid=%e %c %k session=<%{session}> On 03/12/2016 12:20 AM, Luigi Rosa wrote:> Hi, > could it be possible to log the TLS cipher suite as Postfix does? > > This is a typical TLS Dovecot log line: > > imap-login: Login: user=<user at acme.com>, method=DIGEST-MD5, > rip=1.2.3.4, lip=4.3.2.1, mpid=19671, TLS, session=<Jsvr46wt2c1ScQfY> > > This is the Postfix equivalent > > postfix/smtp[59723]: Anonymous TLS connection established to > mail.acmne.com[1.2.3.4]:25: TLSv1.2 with cipher AECDH-AES256-SHA > (256/256 bits) > > >
Forgot the important part, sorry http://wiki.dovecot.org/Variables On 03/12/2016 12:30 AM, Gedalya wrote:> Add %k to login_log_format_elements (in conf.d/10-logging.conf) > for example > > login_log_format_elements = user=<%u> method=%m rip=%r lip=%l mpid=%e > %c %k session=<%{session}> > > > On 03/12/2016 12:20 AM, Luigi Rosa wrote: >> Hi, >> could it be possible to log the TLS cipher suite as Postfix does? >> >> This is a typical TLS Dovecot log line: >> >> imap-login: Login: user=<user at acme.com>, method=DIGEST-MD5, >> rip=1.2.3.4, lip=4.3.2.1, mpid=19671, TLS, session=<Jsvr46wt2c1ScQfY> >> >> This is the Postfix equivalent >> >> postfix/smtp[59723]: Anonymous TLS connection established to >> mail.acmne.com[1.2.3.4]:25: TLSv1.2 with cipher AECDH-AES256-SHA >> (256/256 bits) >> >> >> >
Thank you very much! Gedalya wrote on 12/03/2016 06:30:> Add %k to login_log_format_elements (in conf.d/10-logging.conf) > for example > > login_log_format_elements = user=<%u> method=%m rip=%r lip=%l mpid=%e %c %k > session=<%{session}> > > > On 03/12/2016 12:20 AM, Luigi Rosa wrote: >> Hi, >> could it be possible to log the TLS cipher suite as Postfix does? >> >> This is a typical TLS Dovecot log line: >> >> imap-login: Login: user=<user at acme.com>, method=DIGEST-MD5, rip=1.2.3.4, >> lip=4.3.2.1, mpid=19671, TLS, session=<Jsvr46wt2c1ScQfY> >> >> This is the Postfix equivalent >> >> postfix/smtp[59723]: Anonymous TLS connection established to >> mail.acmne.com[1.2.3.4]:25: TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits) >> >> >> >-- Ciao, luigi / +--[Luigi Rosa]-- \ Natalya Simonova: You destroy every vehicle you get into? James Bond: Standard operating procedure. Boys with toys. --"007 Goldeneye"