From 8e0b737bb454be8a93a865d716bfc65c338e61de Mon Sep 17 00:00:00 2001 From: Tom Hendrikx Date: Mon, 29 Jan 2024 22:11:11 +0100 Subject: [PATCH] Save TLS connection trustlevel as variable --- postfix.grok | 3 ++- test/smtp_0003.yaml | 1 + test/smtp_0004.yaml | 1 + test/smtp_0015.yaml | 1 + test/smtp_0016.yaml | 1 + test/smtpd_0010.yaml | 1 + test/smtpd_0037.yaml | 1 + 7 files changed, 8 insertions(+), 1 deletion(-) diff --git a/postfix.grok b/postfix.grok index fa08503..0fba659 100644 --- a/postfix.grok +++ b/postfix.grok @@ -23,7 +23,8 @@ POSTFIX_KEYVALUE %{POSTFIX_QUEUEID:postfix_queueid}: %{POSTFIX_KEYVALUE_DATA:pos POSTFIX_WARNING_LEVEL (warning|fatal|info) POSTFIX_VERIFY_CLEANUP_TYPE (full|partial) -POSTFIX_TLSCONN (Anonymous|Trusted|Untrusted|Verified) TLS connection established (to %{POSTFIX_RELAY_INFO}|from %{POSTFIX_CLIENT_INFO}): %{DATA:postfix_tls_version} with cipher %{DATA:postfix_tls_cipher} \(%{DATA:postfix_tls_cipher_size} bits\)( key-exchange %{DATA:postfix_tls_key_exchange} server-signature %{DATA:postfix_tls_server_signature} \(%{DATA:postfix_tls_server_signature_size} bits\) server-digest %{DATA:postfix_tls_server_digest})? + +POSTFIX_TLSCONN %{DATA:postfix_tls_trustlevel} TLS connection established (to %{POSTFIX_RELAY_INFO}|from %{POSTFIX_CLIENT_INFO}): %{DATA:postfix_tls_version} with cipher %{DATA:postfix_tls_cipher} \(%{DATA:postfix_tls_cipher_size} bits\)( key-exchange %{DATA:postfix_tls_key_exchange} server-signature %{DATA:postfix_tls_server_signature} \(%{DATA:postfix_tls_server_signature_size} bits\) server-digest %{DATA:postfix_tls_server_digest})? POSTFIX_TLSVERIFICATION certificate verification failed for %{POSTFIX_RELAY_INFO}: %{GREEDYDATA:postfix_tls_error} POSTFIX_DELAYS %{NUMBER:postfix_delay_before_qmgr}/%{NUMBER:postfix_delay_in_qmgr}/%{NUMBER:postfix_delay_conn_setup}/%{NUMBER:postfix_delay_transmission} diff --git a/test/smtp_0003.yaml b/test/smtp_0003.yaml index 81dd6f1..c5bb6ca 100644 --- a/test/smtp_0003.yaml 
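Review bot: Capturing the trust level with `%{DATA:postfix_tls_trustlevel}` in POSTFIX_TLSCONN drops the allow-list that the removed line enforced, so any text in front of ` TLS connection established` now matches and is stored as the trust level. This field is presumably what TLS-posture dashboards and alerts will key on, so it is worth keeping it constrained to the four values the old pattern listed, for example with a named capture: `(?<postfix_tls_trustlevel>Anonymous|Trusted|Untrusted|Verified)`. A leading lazy `DATA` also makes the pattern more expensive on non-matching lines wherever it is used without a `^` anchor. The fixtures in this commit cover only the four known values; a negative case with an unexpected prefix would pin the intended behaviour.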
+++ b/test/smtp_0003.yaml
@@ -1,6 +1,7 @@
 pattern: ^%{POSTFIX_SMTP}$
 data: "Untrusted TLS connection established to mx4.hotmail.com[65.55.92.136]:25: TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)"
 results:
+ postfix_tls_trustlevel: Untrusted
 postfix_relay_hostname: mx4.hotmail.com
 postfix_relay_ip: 65.55.92.136
 postfix_relay_port: 25
diff --git a/test/smtp_0004.yaml b/test/smtp_0004.yaml
index c33f292..0fc742d 100644
--- a/test/smtp_0004.yaml
+++ b/test/smtp_0004.yaml
@@ -1,6 +1,7 @@
 pattern: ^%{POSTFIX_SMTP}$
 data: "Untrusted TLS connection established to 127.0.0.1[127.0.0.1]:2525: TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)"
 results:
+ postfix_tls_trustlevel: Untrusted
 postfix_relay_hostname: 127.0.0.1
 postfix_relay_ip: 127.0.0.1
 postfix_relay_port: 2525
diff --git a/test/smtp_0015.yaml b/test/smtp_0015.yaml
index 3f7028e..12c2e50 100644
--- a/test/smtp_0015.yaml
+++ b/test/smtp_0015.yaml
@@ -1,6 +1,7 @@
 pattern: ^%{POSTFIX_SMTP}$
 data: "Trusted TLS connection established to gmail-smtp-in.l.google.com[74.125.136.26]:25: TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)"
 results:
+ postfix_tls_trustlevel: Trusted
 postfix_relay_hostname: gmail-smtp-in.l.google.com
 postfix_relay_ip: 74.125.136.26
 postfix_relay_port: 25
diff --git a/test/smtp_0016.yaml b/test/smtp_0016.yaml
index f3c6344..35b3858 100644
--- a/test/smtp_0016.yaml
+++ b/test/smtp_0016.yaml
@@ -1,6 +1,7 @@
 pattern: ^%{POSTFIX_SMTP}$
 data: "Verified TLS connection established to mail.sys4.de[2001:1578:400:111::7]:25: TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)"
 results:
+ postfix_tls_trustlevel: Verified
 postfix_relay_hostname: mail.sys4.de
 postfix_relay_ip: 2001:1578:400:111::7
 postfix_relay_port: 25
diff --git a/test/smtpd_0010.yaml b/test/smtpd_0010.yaml
index 70cadd7..9762ddf 100644
--- a/test/smtpd_0010.yaml
+++ b/test/smtpd_0010.yaml
@@ -1,6 +1,7 @@
 pattern: ^%{POSTFIX_SMTPD}$
 data: "Anonymous TLS connection established from julie.example.com[10.163.89.202]: TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)"
 results:
+ postfix_tls_trustlevel: Anonymous
 postfix_client_hostname: julie.example.com
 postfix_client_ip: 10.163.89.202
 postfix_tls_version: TLSv1.2
diff --git a/test/smtpd_0037.yaml b/test/smtpd_0037.yaml
index ff6c278..b88105d 100644
--- a/test/smtpd_0037.yaml
+++ b/test/smtpd_0037.yaml
@@ -1,6 +1,7 @@
 pattern: ^%{POSTFIX_SMTPD}$
 data: "Anonymous TLS connection established from julie.example.com[10.163.89.202]: TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256"
 results:
+ postfix_tls_trustlevel: Anonymous
 postfix_client_hostname: julie.example.com
 postfix_client_ip: 10.163.89.202
 postfix_tls_version: TLSv1.3