Victor Duchovni:
> > I'm just guessing, but I suspect that this is about making trouble
> > shooting easier, like putting some unique "trouble ticket" like
> > string in the 4XX or 5XX response that is easily located in the
> > logfile, so they can quickly locate the entire session in the log.
> >
> > smtpd_reject_contact_information =
> > For assistance, call 800-555-0101 with ticket $instance
> >
> > (where instance is the SMTP server PID and a sequence number, it's
> > the same attribute used in the SMTP policy server protocol).
> >
> > This is not as simple as it sounds (apart from the need to provide
> > the $name expansion module).
> >
> > Postfix currently does NOT log the contact footer to the maillog
> > file. There are tons of places in Postfix that reject a command
> > (e.g., bad syntax, or some requested feature not available) without
> > logging that the command was rejected. That would just make it too
> > easy for the bad guys to flood the maillog file with garbage.
> >
> > I could change postfix to ALWAYS log the contact footer to the
> > maillog fil3, but then you'd get lots of contact footers in the
> > maillog without any indication of why they were logged.
>
> I don't think that the 50X or other unlogged error responses should
> start logging "disembodied" contact footers. If the contact footer is
> to log some unique identifier, then just that identifier could perhaps
> be added as a standard element of the log_whatsup() message...
Some people might disagree and say that Postfix should log ALL
rejects (including bad syntax/unsupported command). Currently, it
leaves helpdesk people scratching their head what to look for in
the maillog file when someone asks for help with a mail delivery
problem.
This requires more than simply logging all 4XX and 5XX responses,
because you also need to know log the command itself that is being
rejected. That is too much change before the Postfix 2.8 release.
What I could do for now is a contact footer with dynamic context
such as the SMTP server PID and client IP address. That information
is already in the maillog file.
So this would change the feature to:
smtpd_reject_contact_information =
For assistance, call 800-555-0101 (pid=$pid, client=$client_addr)
The result would look like:
554-5.5.1 <u...@example>: Recipient address reject: User unknown
554 5.5.1 For assistance, call 800-555-0101 (pid=7283, client=192.168.1.248)
The helpdesk person then looks for "[7283]" and "192.168.1.248" in
the maillog file. This would lift some, but not all, of the mystery
with commands that Postfix rejects (syntax, etc.) without logging
them.
Wietse
