DevHeads.net

Postfix audit

Hi guys,

We're in an audit process here and this is giving us a headech.

Is there anyway to log the MTA to MTA transactions one per file?

For example, client requests to send a message, the MTA says OK, sends
the message and keep a log of the MTA to MTA transaction.

Thanks in advance.

BR,

Rafael

Comments

Re: Postfix audit

By LuKreme at 06/11/2019 - 10:30

On Jun 11, 2019, at 7:55 AM, Rafael Azevedo < ... at gmail dot com> wrote:
You can use rsyslog to log based on the queueid? But queueid could not be a single line.

With rsyslog the trick is to find something unique in the log lines you want.

Maybe 'relay=.*\]:25’?

Re: Postfix audit

By LuKreme at 06/11/2019 - 10:49

On Jun 11, 2019, at 8:30 AM, @lbutlr < ... at kreme dot com> wrote:
Looking at my logs it looks like

'\]:25:’ is enough.

Re: Postfix audit

By Rafael Azevedo at 06/11/2019 - 10:58

I need the full SMTP transaction, commands such as EHLO, MAIL FROM:,
RCPT TO:, and DATA...

Em ter, 11 de jun de 2019 às 11:50, @lbutlr < ... at kreme dot com> escreveu: