Hi, Seems this is a slightly wider issue, maybe with just postfix and postfi-sasl filters.
The regex for the filters are missing the port after the host IP that is connects to, as this seems to be a new thing that is logged(well not that I've noticed previously). The "fix" or work around for this was to add (\d*?:)? after \[<HOST>\]: in the two filter conf files. So for fuller context, the postfix-sasl.conf failregex line would change from: failregex = ^%(__prefix_line)swarning: [-._\w]+\[<HOST>\]: SASL (?:LOGIN|PLAIN|(?:CRAM|DIGEST)-MD5) authentication failed(: [ A-Za-z0-9+/]*={0,2})?\s*$ to failregex = ^%(__prefix_line)swarning: [-._\w]+\[<HOST>\]:(\d*?:)? SASL (?:LOGIN|PLAIN|(?:CRAM|DIGEST)-MD5) authentication failed(: [ A-Za-z0-9+/]*={0,2})?\s*$ There maybe more .conf files that might need the regex updated too. HTH Linux 3.16.0-4-amd64 #1 SMP Debian 3.16.7-ckt20-1+deb8u3 (2016-01-17) x86_64 GNU/Linux libc6:amd64 2.19-18+deb8u3 sasl2-bin 2.1.26.dfsg1-13 postfix 2.11.3-1 -- Thanks Paul Dean. "Life is not WHAT you make it, it's WHO you have in it..."
pgpE9EUwuXEL9.pgp
Description: OpenPGP digital signature