v2.1.2 added support for "session IDs", which is a 9 year unique identifier for 
that specific IMAP/POP3 connection. Initially I thought it would only be useful 
for tracking connections going through Dovecot proxies to backends (the session 
ID is forwarded), but then I thought it could be useful for everyone if auth 
process also logs the session ID. So I thought for v2.1.6 I'd change the 

a) Failed login:

Apr 28 17:37:23 auth: Debug: client in: AUTH    1       PLAIN   service=imap    
secured session=XtG7KL6+jQB/AAAB        lip=   rip=   
lport=143       rport=42125     resp=<hidden>
Apr 28 17:37:23 auth: Debug: passwd-file(foo,,<XtG7KL6+jQB/AAAB>): 
lookup: user=foo file=/usr/local/etc/passwd.imap
Apr 28 17:37:23 auth: Info: passwd-file(foo,,<XtG7KL6+jQB/AAAB>): 
unknown user
Apr 28 17:37:25 auth: Debug: client out: FAIL   1       user=foo
Apr 28 17:37:50 imap-login: Info: Aborted login (auth failed, 1 attempts in 27 
secs): user=<foo>, method=PLAIN, rip=, lip=, secured, 

b) Successful login:

Apr 28 17:38:27 auth: Debug: client in: AUTH    2       PLAIN   service=imap    
secured session=rNuHLL6+jgB/AAAB        lip=   rip=   
lport=143       rport=42126     resp=<hidden>
Apr 28 17:38:27 auth: Debug: passwd-file(tss,,<rNuHLL6+jgB/AAAB>): 
lookup: user=tss file=/usr/local/etc/passwd.imap
Apr 28 17:38:27 auth: Debug: client out: OK     2       user=tss
Apr 28 17:38:27 auth: Debug: master in: REQUEST 1375993857      14321   2       
Apr 28 17:38:27 auth: Debug: passwd-file(tss,,<rNuHLL6+jgB/AAAB>): 
lookup: user=tss file=/usr/local/etc/passwd.imap
Apr 28 17:38:27 auth: Debug: master out: USER   1375993857      tss     
uid=1000        gid=1000        home=/home/tss
Apr 28 17:38:27 imap-login: Info: Login: user=<tss>, method=PLAIN, 
rip=, lip=, mpid=14338, secured, session=<rNuHLL6+jgB/AAAB>
Apr 28 17:47:15 imap(tss,<rNuHLL6+jgB/AAAB>): Info: Disconnected: Logged out 
in=8 out=369

The last line requires a modified mail_log_prefix, I wasn't planning on 
changing its default.

I'm mainly wondering:

1) Does this change break someone's auth log line parsing?
2) Does the auth prefix look prettier with or without <> around session id? :)
3) Anything else I should do about this now that I'm changing it anyway?

Reply via email to