[2024-10-10 07:15] Mark Lawrence <m...@rekudos.net>
> My smtpd.conf configuration listens on multiple interfaces, ports, and a
> socket:
>
>      listen on socket filter dkimsign
>
>      listen on lo filter dkimsign
>
>      listen on ens192 port smtp \
>          ...
>
>      listen on ens192 port submissions \
>          ...
>
> Unfortunately log entries do not provide any indication of what an inbound
> SMTP session connected _to_, only where it came _from_:
>
>      2024-10-10T06:06:18.420359+00:00 d smtpd[2788672]: a69da1d474653ee1
>          smtp connected
>          address=2.35.149.223      <----- remote
>          host=net-2-35-149-223.cust.vodafonedsl.it
>
> In this particular instance I was surprised by an authentication failure. Not
> the usual "AUTH LOGIN ... Command not supported" but by an "AUTH PLAIN ...
> Authentication failed". After a short panic that my config was insecure I
> worked out it must have come in on the submissions port. It would have been
> obvious if the port and/or interface was included in the log output.
>
> So my simple request is for two additional keys to be added to the "smtp
> connected" output:
>      
>      interface="/run/smtpd.sock|lo|ens192|eth0|..."
>      port="<blank>|25|465|587|...."
>
> I suspect that interface names may not be (easily) known at smtp connection
> time, so perhaps it would more likely have to be the local address:
>
>      interface="socket|127.0.0.1|212.215.X.Y|2001:db8::aef1|..."
>      port="<blank>|25|465|587|...."
>
> One might also consider combining the two, although I find the contortions for
> IPv6 a bit ugly.
>
>      to="212.215.X.Y:25"
>
>      to="[fe80::250:56ff:fe3c:]:587"

I like the idea so I have implemented it:

diff --git a/usr.sbin/smtpd/smtp_session.c b/usr.sbin/smtpd/smtp_session.c
index 7f17516f..fa0cb7e3 100644
--- a/usr.sbin/smtpd/smtp_session.c
+++ b/usr.sbin/smtpd/smtp_session.c
@@ -2076,8 +2076,8 @@ smtp_connected(struct smtp_session *s)
 {
        smtp_enter_state(s, STATE_CONNECTED);
 
-       log_info("%016"PRIx64" smtp connected address=%s host=%s",
-           s->id, ss_to_text(&s->ss), s->rdns);
+       log_info("%016"PRIx64" smtp connected address=%s host=%s interface=%s 
port=%i",
+           s->id, ss_to_text(&s->ss), s->rdns, ss_to_text(&s->listener->ss), 
ntohs(s->listener->port));
 
        smtp_filter_begin(s);
 
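Review bot: The new log_info() call passes ss_to_text(&s->ss) and ss_to_text(&s->listener->ss) as two arguments of the same call. If ss_to_text() returns a pointer to a single static buffer, address= and interface= will print the same string; please confirm that, and if so copy the first result into a local buffer before making the second call. Since the patch is untested, also check the "listen on socket" case from the request: what ss_to_text() yields for that listener's ss, and that port= prints 0 there rather than the blank value that was asked for. Two smaller points: ntohs() returns an unsigned 16-bit value, so %u or %d is more conventional than %i, and the added format string and argument lines are much longer than the two-line form they replace, so they should be wrapped the same way.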

I haven't tested it yet, but it should work.

Philipp
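
An added example (not from either poster and not smtpd code): once the `interface=` and `port=` keys from the patch above are logged, a later line of a session can be attributed to its listener by joining on the session id. The sample lines are constructed, and the `smtp failed-command` line layout is an assumption.

```python
import re
from collections import Counter

# Constructed sample log. The "smtp connected" lines follow the format string in
# the patch; the "smtp failed-command" layout is an assumption for illustration.
SAMPLE_LOG = """\
2024-10-10T06:06:18+00:00 d smtpd[100]: 1111111111111111 smtp connected address=192.0.2.10 host=a.example interface=198.51.100.5 port=465
2024-10-10T06:06:19+00:00 d smtpd[100]: 1111111111111111 smtp failed-command command="AUTH PLAIN (...)" result="535 Authentication failed"
2024-10-10T06:07:01+00:00 d smtpd[100]: 2222222222222222 smtp connected address=192.0.2.20 host=b.example interface=198.51.100.5 port=25
2024-10-10T06:07:02+00:00 d smtpd[100]: 2222222222222222 smtp failed-command command="AUTH LOGIN" result="503 Command not supported"
2024-10-10T06:08:30+00:00 d smtpd[100]: 3333333333333333 smtp connected address=192.0.2.30 host=c.example
2024-10-10T06:08:31+00:00 d smtpd[100]: 3333333333333333 smtp failed-command command="AUTH PLAIN (...)" result="535 Authentication failed"
"""

# Session id (16 hex digits), event name, then the key=value tail.
LINE_RE = re.compile(
    r"smtpd\[\d+\]: (?P<sid>[0-9a-f]{16}) smtp (?P<event>[\w-]+) ?(?P<rest>.*)")
KV_RE = re.compile(r'([\w-]+)=("[^"]*"|\S+)')


def parse_fields(rest):
    """Split 'key=value key="quoted value"' pairs into a dict."""
    return {k: v.strip('"') for k, v in KV_RE.findall(rest)}


def auth_failures_by_listener(log_text):
    """Count 'Authentication failed' results per (interface, port) listener."""
    listeners = {}        # session id -> (interface, port)
    failures = Counter()
    for line in log_text.splitlines():
        m = LINE_RE.search(line)
        if not m:
            continue
        fields = parse_fields(m["rest"])
        if m["event"] == "connected":
            # Lines written without the new keys stay visible as "unknown".
            listeners[m["sid"]] = (fields.get("interface", "unknown"),
                                   fields.get("port", "unknown"))
        elif (m["event"] == "failed-command"
              and "Authentication failed" in fields.get("result", "")):
            failures[listeners.get(m["sid"], ("unknown", "unknown"))] += 1
    return failures


if __name__ == "__main__":
    for (iface, port), n in auth_failures_by_listener(SAMPLE_LOG).items():
        print(f"interface={iface} port={port} auth_failures={n}")
```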
