disable logging of header_checks FILTER action
hi, smtp_header_checks = pcre:/etc/postfix/header_chk /^Subject: .*test.*/ FILTER test: Postfix then logs: Jan 30 12:44:16 mx2 postfix/cleanup[19243]: 096B95EAE2: filter: header Subject: some text test from mail-cloud-01.asdfasdf.tld[1.2.3.4];(...) How to disable logging of this events? I simply do not want to have sensitive informations (subject) in postfix logs. Stefan
Re: disable logging of header_checks FILTER action
Stefan Bauer: > hi, > > smtp_header_checks = pcre:/etc/postfix/header_chk > > /^Subject: .*test.*/ FILTER test: > > Postfix then logs: > > Jan 30 12:44:16 mx2 postfix/cleanup[19243]: 096B95EAE2: filter: header > Subject: some text test from mail-cloud-01.asdfasdf.tld[1.2.3.4];(...) > > How to disable logging of this events? I simply do not want to have > sensitive informations (subject) in postfix logs. Can you use an rsyslog filter for this? https://www.rsyslog.com/doc/v8-stable/configuration/filters.html An acceptable Postfix implementation would add a regexp/pcre lookup table to the Postfix syslog client code. Tinkering with individual header/body/access actions would not be acceptable. The problem with not logging such actions is that you have no idea why Postfix is doing what it does. Wietse
Re: disable logging of header_checks FILTER action
Wietse Venema: > Stefan Bauer: > > hi, > > > > smtp_header_checks = pcre:/etc/postfix/header_chk > > > > /^Subject: .*test.*/ FILTER test: > > > > Postfix then logs: > > > > Jan 30 12:44:16 mx2 postfix/cleanup[19243]: 096B95EAE2: filter: header > > Subject: some text test from mail-cloud-01.asdfasdf.tld[1.2.3.4];(...) > > > > How to disable logging of this events? I simply do not want to have > > sensitive informations (subject) in postfix logs. > > Can you use an rsyslog filter for this? > https://www.rsyslog.com/doc/v8-stable/configuration/filters.html > > An acceptable Postfix implementation would add a regexp/pcre lookup > table to the Postfix syslog client code. Tinkering with individual > header/body/access actions would not be acceptable. Basically, a matchlist for strings, not domains or network addresses. > The problem with not logging such actions is that you have no idea > why Postfix is doing what it does. > > Wietse >
