Increase verbosity of logging of saslauth

Jobst Schmalenbach jobst at barrett.com.au
Thu Sep 12 03:44:11 EDT 2019 

On Thu, Sep 12, 2019 at 12:04:19AM -0600, Amir Caspi (cepheid at 3phase.com) wrote:
> On Sep 11, 2019, at 9:40 PM, Jobst Schmalenbach <jobst at barrett.com.au> wrote:
> > 
> If it's just sendmail you care about, then set your sendmail log level to 10 or higher.  If you use sendmail.mc (and convert via m4), then insert the following:
> O LogLevel=10
> You can use higher log levels, but 10 is the minimum required to get the SASL auth info.  With level 10, you'll get lines like these in /var/log/maillog:

Thanks for the reply!

I have had this set to 14 for a long time due to some MILTERS I have running and I need the read the output of those milters.

> 
> Sep  8 04:22:06 hostname sendmail[30028]: x884M25w030028: AUTH failure (LOGIN): authentication failure (-13) SASL(-13): authentication failure: checkpass failed, relay=[193.169.255.137]

These lines are my problem exactly ... I only sometimes get anything in /var/log/secure
Most of the time those lines look like

   Sep  8 11:42:21 sendmail[32726]: x881gCC5032726: AUTH failure (CRAM-MD5): user not found (-20) SASL(-13): user not found: Unable to find a callback: 32775, relay=hosting-by.directwebhost.org [45.227.253.117] (may be forged)

but I never see anything in /var/log/secure

S my problem is I cannot see the username and/or whether it actually exists.
I would like - at the very least - see the names, so I can see whether the person trying is having SOME clue or is far of the planet (just for my own sake).

I get some entries like so

   Aug 26 18:43:47 saslauthd[1291]: do_auth         : auth failure: [user=test] [service=smtp] [realm=] [mech=pam] [reason=PAM auth error]

but at most of the times I see nothing.

It would be helpful to at least see the usernames .... if they are far off I could not care less.
But there are literrally hundreds of those "user not found" messages in the maillog without corresponding entires in /var/log/secure.



-- 
Jobst Schmalenbach
A computer without Microsoft is like chocolate cake without ketchup!

More information about the Cyrus-sasl mailing list