Hi folks, I'm new around here. I'm a happy OpenSMTPD user (on FreeBSD), and I maintain SSHGuard (https://www.sshguard.net/), a program that reads system logs and adds temporary firewall rules.
Some SSHGuard users want to use SSHGuard with OpenSMTPD. OpenSMTPD 6.6.0 appears to log SMTP sessions: May 26 00:20:00 mx01 smtpd[9904]: ce7a8154503699d2 smtp connected address=a.b.c.d host=a.b.c.d Subsequent things that happen during that session look like: May 26 00:20:00 mx01 smtpd[9904]: ce7a8154503699d2 smtp failed-command command="AUTH LOGIN (password)" result="535 Authentication failed" Chasing changes in syslog output is a part of maintaining software like SSHGuard. Unfortunately, my parser (which recently learned how to pledge!) is a bit dull and would require some re-education to remember SMTP sessions and their associated IP addresses. So, my questions are: Why did OpenSMTPD stop reporting IP addresses on every line? Is there any chance that OpenSMTPD can put IP addresses back on every line? Regards, Kevin -- Kevin Zheng kevinz5...@gmail.com | kev...@berkeley.edu XMPP: kev...@eecs.berkeley.edu
