Am 2020-04-06 23:53, schrieb Viktor Dukhovni:
On Mon, Apr 06, 2020 at 02:53:25PM +0100, Dominic Raferd wrote:
> whose output you'd send to the attached Perl script. On my system for
> example:
>
> # bzip2 -dcf $(ls -tr /var/log/maillog*) | perl collate | perl tlstype.pl
I should perhaps mention that the "tlstype.pl" Perl script does not
handle TLS connection re-use. I've not looked at what it would take
to do that.
And it does not work for mixed-case hostnames:
- TLS connection established to lower-case-hostname
- relay=mixed-case-hostname
We should perhaps consider logging some indication of TLS in the
core delivery summary line:
postfix/smtp: <qid>: to=<...>,[ orig_to=<...>,] relay=...,
[ tls=<level>:(Anonymous|Untrusted|Verified),]
that is, perhaps just the security level and verification status?
Collating the data from the logs is tricky, and likely more so with
connection reuse (but perhaps not too bad, exercise for the reader...).
Regards,
Michael
