Skip to content

Commit

Permalink
Save TLS connection trustlevel as variable
Browse files Browse the repository at this point in the history
  • Loading branch information
whyscream committed Jan 29, 2024
1 parent 46f5bec commit 8e0b737
Show file tree
Hide file tree
Showing 7 changed files with 8 additions and 1 deletion.
3 changes: 2 additions & 1 deletion postfix.grok
Original file line number Diff line number Diff line change
Expand Up @@ -23,7 +23,8 @@ POSTFIX_KEYVALUE %{POSTFIX_QUEUEID:postfix_queueid}: %{POSTFIX_KEYVALUE_DATA:pos
POSTFIX_WARNING_LEVEL (warning|fatal|info)
POSTFIX_VERIFY_CLEANUP_TYPE (full|partial)

POSTFIX_TLSCONN (Anonymous|Trusted|Untrusted|Verified) TLS connection established (to %{POSTFIX_RELAY_INFO}|from %{POSTFIX_CLIENT_INFO}): %{DATA:postfix_tls_version} with cipher %{DATA:postfix_tls_cipher} \(%{DATA:postfix_tls_cipher_size} bits\)( key-exchange %{DATA:postfix_tls_key_exchange} server-signature %{DATA:postfix_tls_server_signature} \(%{DATA:postfix_tls_server_signature_size} bits\) server-digest %{DATA:postfix_tls_server_digest})?

POSTFIX_TLSCONN %{DATA:postfix_tls_trustlevel} TLS connection established (to %{POSTFIX_RELAY_INFO}|from %{POSTFIX_CLIENT_INFO}): %{DATA:postfix_tls_version} with cipher %{DATA:postfix_tls_cipher} \(%{DATA:postfix_tls_cipher_size} bits\)( key-exchange %{DATA:postfix_tls_key_exchange} server-signature %{DATA:postfix_tls_server_signature} \(%{DATA:postfix_tls_server_signature_size} bits\) server-digest %{DATA:postfix_tls_server_digest})?
POSTFIX_TLSVERIFICATION certificate verification failed for %{POSTFIX_RELAY_INFO}: %{GREEDYDATA:postfix_tls_error}

POSTFIX_DELAYS %{NUMBER:postfix_delay_before_qmgr}/%{NUMBER:postfix_delay_in_qmgr}/%{NUMBER:postfix_delay_conn_setup}/%{NUMBER:postfix_delay_transmission}
Expand Down
1 change: 1 addition & 0 deletions test/smtp_0003.yaml
Original file line number Diff line number Diff line change
@@ -1,6 +1,7 @@
pattern: ^%{POSTFIX_SMTP}$
data: "Untrusted TLS connection established to mx4.hotmail.com[65.55.92.136]:25: TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)"
results:
postfix_tls_trustlevel: Untrusted
postfix_relay_hostname: mx4.hotmail.com
postfix_relay_ip: 65.55.92.136
postfix_relay_port: 25
Expand Down
1 change: 1 addition & 0 deletions test/smtp_0004.yaml
Original file line number Diff line number Diff line change
@@ -1,6 +1,7 @@
pattern: ^%{POSTFIX_SMTP}$
data: "Untrusted TLS connection established to 127.0.0.1[127.0.0.1]:2525: TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)"
results:
postfix_tls_trustlevel: Untrusted
postfix_relay_hostname: 127.0.0.1
postfix_relay_ip: 127.0.0.1
postfix_relay_port: 2525
Expand Down
1 change: 1 addition & 0 deletions test/smtp_0015.yaml
Original file line number Diff line number Diff line change
@@ -1,6 +1,7 @@
pattern: ^%{POSTFIX_SMTP}$
data: "Trusted TLS connection established to gmail-smtp-in.l.google.com[74.125.136.26]:25: TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)"
results:
postfix_tls_trustlevel: Trusted
postfix_relay_hostname: gmail-smtp-in.l.google.com
postfix_relay_ip: 74.125.136.26
postfix_relay_port: 25
Expand Down
1 change: 1 addition & 0 deletions test/smtp_0016.yaml
Original file line number Diff line number Diff line change
@@ -1,6 +1,7 @@
pattern: ^%{POSTFIX_SMTP}$
data: "Verified TLS connection established to mail.sys4.de[2001:1578:400:111::7]:25: TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)"
results:
postfix_tls_trustlevel: Verified
postfix_relay_hostname: mail.sys4.de
postfix_relay_ip: 2001:1578:400:111::7
postfix_relay_port: 25
Expand Down
1 change: 1 addition & 0 deletions test/smtpd_0010.yaml
Original file line number Diff line number Diff line change
@@ -1,6 +1,7 @@
pattern: ^%{POSTFIX_SMTPD}$
data: "Anonymous TLS connection established from julie.example.com[10.163.89.202]: TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)"
results:
postfix_tls_trustlevel: Anonymous
postfix_client_hostname: julie.example.com
postfix_client_ip: 10.163.89.202
postfix_tls_version: TLSv1.2
Expand Down
1 change: 1 addition & 0 deletions test/smtpd_0037.yaml
Original file line number Diff line number Diff line change
@@ -1,6 +1,7 @@
pattern: ^%{POSTFIX_SMTPD}$
data: "Anonymous TLS connection established from julie.example.com[10.163.89.202]: TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256"
results:
postfix_tls_trustlevel: Anonymous
postfix_client_hostname: julie.example.com
postfix_client_ip: 10.163.89.202
postfix_tls_version: TLSv1.3
Expand Down

0 comments on commit 8e0b737

Please sign in to comment.