Increase verbosity of logging of saslauth
Jobst Schmalenbach
jobst at barrett.com.au
Thu Sep 12 03:44:11 EDT 2019
On Thu, Sep 12, 2019 at 12:04:19AM -0600, Amir Caspi (cepheid at 3phase.com) wrote:
> On Sep 11, 2019, at 9:40 PM, Jobst Schmalenbach <jobst at barrett.com.au> wrote:
> >
> If it's just sendmail you care about, then set your sendmail log level to 10 or higher. If you use sendmail.mc (and convert via m4), then insert the following:
> O LogLevel=10
> You can use higher log levels, but 10 is the minimum required to get the SASL auth info. With level 10, you'll get lines like these in /var/log/maillog:
Thanks for the reply!
I have had this set to 14 for a long time due to some MILTERS I have running and I need the read the output of those milters.
>
> Sep 8 04:22:06 hostname sendmail[30028]: x884M25w030028: AUTH failure (LOGIN): authentication failure (-13) SASL(-13): authentication failure: checkpass failed, relay=[193.169.255.137]
These lines are my problem exactly ... I only sometimes get anything in /var/log/secure
Most of the time those lines look like
Sep 8 11:42:21 sendmail[32726]: x881gCC5032726: AUTH failure (CRAM-MD5): user not found (-20) SASL(-13): user not found: Unable to find a callback: 32775, relay=hosting-by.directwebhost.org [45.227.253.117] (may be forged)
but I never see anything in /var/log/secure
S my problem is I cannot see the username and/or whether it actually exists.
I would like - at the very least - see the names, so I can see whether the person trying is having SOME clue or is far of the planet (just for my own sake).
I get some entries like so
Aug 26 18:43:47 saslauthd[1291]: do_auth : auth failure: [user=test] [service=smtp] [realm=] [mech=pam] [reason=PAM auth error]
but at most of the times I see nothing.
It would be helpful to at least see the usernames .... if they are far off I could not care less.
But there are literrally hundreds of those "user not found" messages in the maillog without corresponding entires in /var/log/secure.
--
Jobst Schmalenbach
A computer without Microsoft is like chocolate cake without ketchup!
More information about the Cyrus-sasl
mailing list